/*
 * Copyright (C) 2015-2020, Wazuh Inc.
 *
 * This program is free software; you can redistribute it
 * and/or modify it under the terms of the GNU General Public
 * License (version 2) as published by the FSF - Free Software
 * Foundation.
 */

#include <stdarg.h>
#include <stddef.h>
#include <setjmp.h>
#include <cmocka.h>
#include <stdio.h>

#include "../../wrappers/common.h"
#include "../../wrappers/externals/cJSON/cJSON_wrappers.h"
#include "../../wrappers/externals/openssl/init_wrappers.h"
#include "../../wrappers/externals/openssl/ssl_init_wrappers.h"
#include "../../wrappers/externals/sqlite/sqlite3_wrappers.h"
#include "../../wrappers/libc/stdio_wrappers.h"
#include "../../wrappers/libc/string_wrappers.h"
#include "../../wrappers/posix/dirent_wrappers.h"
#include "../../wrappers/posix/unistd_wrappers.h"
#include "../../wrappers/wazuh/shared/url_wrappers.h"
#include "../../wrappers/wazuh/shared/json_op_wrappers.h"
#include "../../wrappers/wazuh/shared/debug_op_wrappers.h"
#include "../../wrappers/wazuh/shared/hash_op_wrappers.h"
#include "../../wrappers/wazuh/shared/mq_op_wrappers.h"
#include "../../wrappers/wazuh/shared/os_utils_wrappers.h"
#include "../../wrappers/wazuh/shared/string_op_wrappers.h"
#include "../../wrappers/wazuh/os_regex/os_regex_wrappers.h"
#include "../../wrappers/wazuh/os_net/os_net_wrappers.h"
#include "../../wrappers/wazuh/wazuh_modules/wm_vuln_detector_wrappers.h"

#include "../../wazuh_modules/wmodules.h"
#include "../../../wazuh_modules/vulnerability_detector/wm_vuln_detector_db.h"
#include "../../headers/shared.h"
#include "mocks_wm_vuln_detector.h"

#define REPORT_CVE_VULDET_POS 0
#define REPORT_CVE_REPORT_POS 1

#define PKG1_POS 0
#define PKG2_POS 1

void wm_vuldet_init(wm_vuldet_t *vuldet);
references *wm_vuldet_extract_advisories(cJSON *advisories);
char *wm_vuldet_build_url(char *pattern, char *value);
int wm_vuldet_compare_pkg(cve_vuln_pkg *Pkg1, cve_vuln_pkg *Pkg2);
int wm_vuldet_add_cve_node(cve_vuln_pkg *newPkg, const char *cve, OSHash *cve_table);
cJSON *wm_vuldet_get_cvss(const char *scoring_vector);
void wm_vuldet_free_agent_software(agent_software *agent);
int wm_vuldet_get_os_unix_info(agent_software *agent);
int wm_vuldet_generate_os_and_kernel_package(sqlite3 *db, agent_software *agent);
int wm_vuldet_report_agent_vulnerabilities(sqlite3 *db, agent_software *agent, wm_vuldet_flags *flags);
int wm_vuldet_discard_kernel_package(agent_software *agent, const char *name, const char *version, const char *arch);
int wm_vuldet_send_agent_report(sqlite3 *db, OSHash *cve_table, agent_software *agents_it);
int wm_vuldet_linux_rm_nvd_not_affected_packages(sqlite3 *db, agent_software *agent, const char *cve, cve_vuln_pkg *first, int *vuln_discarded);
void wm_vuldet_linux_rm_nvd_not_dependencies_met_packages(const char *cve, cve_vuln_pkg *first, int *vuln_discarded);
void wm_vuldet_linux_rm_nvd_not_vulnerable_packages(const char *cve, cve_vuln_pkg *first, int *vuln_discarded);
int wm_vuldet_linux_rm_oval_not_affected_packages(sqlite3 *db, const char *cve, cve_vuln_pkg *first, int *vuln_discarded);
int wm_vuldet_fetch_redhat(update_node *update);
int wm_vuldet_fetch_oval(update_node *update, char *repo);
int wm_vuldet_check_timestamp(const char *target, char *timst, char *ret_timst);
cJSON *wm_vuldet_json_fread(char *json_file);
cJSON *wm_vuldet_get_debian_status_feed(update_node *update);
char *wm_vuldet_oval_xml_preparser(char *path, vu_feed dist);
int wm_vuldet_json_rh_parser(cJSON *json_feed, wm_vuldet_db *parsed_vulnerabilities);
int wm_vuldet_oval_process(update_node *update, char *path, wm_vuldet_db *parsed_vulnerabilities);
int wm_vuldet_oval_xml_parser(OS_XML *xml, XML_NODE node, wm_vuldet_db *parsed_oval, update_node *update, vu_logic condition);
int wm_vuldet_json_parser(char *json_path, wm_vuldet_db *parsed_vulnerabilities, update_node *update);
int wm_vuldet_index_debian(sqlite3 *db, const char *target, update_node *update);
int wm_vuldet_index_json(wm_vuldet_db *parsed_vulnerabilities, update_node *update, char *path, char multi_path);
bool wm_vuldet_set_feed_update_url(update_node *update);
void wm_vuldet_oval_append_rhsa(vulnerability *vul_it, char *cve);
void wm_vuldet_oval_copy_rhsa(vulnerability *old, vulnerability *new);
void wm_vuldet_oval_traverse_rhsa(vulnerability *vul_it);
void wm_vuldet_add_oval_vulnerability(wm_vuldet_db *ctrl_block);
void wm_vuldet_clean_vulnerability_info(wm_vuldet_db *ctrl_block);
int wm_vuldet_insert_cve_info(wm_vuldet_db *parsed_oval, sqlite3 *db, sqlite3_stmt *stmt);
void wm_vuldet_set_subversion(char *version, char **os_minor);
void wm_vuldet_get_package_os(const char *version, const char **os_major, char **os_minor);
char * wm_vuldet_get_hash(const char *target);
feed_metadata * wm_vuldet_parse_MSU_metadata(char *path);
bool wm_vuldet_check_enabled_msu(sqlite3 *db);
int wm_insert_MSU_metadata(feed_metadata *msu, update_node *update);
feed_metadata * wm_vuldet_fetch_MSU_metadata(update_node *update);
bool wm_vuldet_update_MSU(update_node *update);
int wm_vuldet_fetch_MSU(update_node *update, char *repo);
int wm_vuldet_compare_vendors(char * vendor);
void wm_vuldel_truncate_revision(char * revision);

/* setup/teardown */

const char *redhat_feed_mock_no_bz = "[ {\n \
    \"CVE\":\"CVE-000\",\n \
    \"severity\":\"important\",\n \
    \"public_date\":\"2019-11-17T00:00:00Z\",\n \
    \"advisories\":[\n \
       \"RHSA-2020:0921\",\n \
       \"RHSA-2020:0913\",\n \
       \"RHSA-2020:0920\"\n \
    ],\n \
    \"bugzilla\":\"1829870\",\n \
    \"cvss_score\":null,\n \
    \"cvss_scoring_vector\":null,\n \
    \"CWE\":\"(CWE-122|CWE-190)\",\n \
    \"affected_packages\":[\n \
       \"wazuhintegrationpackage-0-0:1.0.el5_0.2\"\n \
    ],\n \
    \"resource_url\":\"\",\n \
    \"cvss3_scoring_vector\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H\",\n \
    \"cvss3_score\":\"8.6\",\n \
    \"dummy-key\":\"dummy-value\"\n \
  } ]";

const char *redhat_feed_mock_str_score = "[ {\n \
    \"CVE\":\"CVE-000\",\n \
    \"severity\":\"important\",\n \
    \"public_date\":\"2019-11-17T00:00:00Z\",\n \
    \"advisories\":[\n \
       \"RHSA-2020:0921\",\n \
       \"RHSA-2020:0913\",\n \
       \"RHSA-2020:0920\"\n \
    ],\n \
    \"bugzilla\":\"1829870\",\n \
    \"bugzilla_description\":\"CVE-000 wazuhintegrationpackage-0 testing\",\n \
    \"cvss_score\":\"5.1\",\n \
    \"cvss_scoring_vector\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\n \
    \"CWE\":\"(CWE-122|CWE-190)\",\n \
    \"affected_packages\":[\n \
       \"wazuhintegrationpackage-0-0:1.0.el5_0.2\"\n \
    ],\n \
    \"resource_url\":\"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-000.json\",\n \
    \"cvss3_scoring_vector\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H\",\n \
    \"cvss3_score\":\"8.6\"\n \
  } ]";

const char *redhat_feed_mock_num_score = "[ {\n \
    \"CVE\":\"CVE-000\",\n \
    \"severity\":\"important\",\n \
    \"public_date\":\"2019-11-17T00:00:00Z\",\n \
    \"advisories\":[\n \
       \"RHSA-2020:0921\",\n \
       \"RHSA-2020:0913\",\n \
       \"RHSA-2020:0920\"\n \
    ],\n \
    \"bugzilla\":\"1829870\",\n \
    \"bugzilla_description\":\"CVE-000 wazuhintegrationpackage-0 testing\",\n \
    \"cvss_score\":5.1,\n \
    \"cvss_scoring_vector\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\n \
    \"CWE\":\"(CWE-122|CWE-190)\",\n \
    \"affected_packages\":[\n \
       \"wazuhintegrationpackage-0-0:1.0.el5_0.2\"\n \
    ],\n \
    \"resource_url\":\"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-000.json\",\n \
    \"cvss3_scoring_vector\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H\",\n \
    \"cvss3_score\":8.6\n \
  } ]";

static int build_test_cve_report(vu_report* report, int add_title, int add_condition, int add_ip, int is_hotfix)
{

    if (!report)
        return OS_INVALID;

    if (1 == add_title)
        os_strdup("The CVE title.", report->title);

    if (1 == add_condition)
        os_strdup("Package less than 4.3-2", report->condition);

    if (1 == add_ip)
        os_strdup("192.168.0.125", report->agent_ip);

    os_strdup("CVE-2016-6489", report->cve);
    os_strdup("The CVE description or rationale.", report->rationale);
    os_strdup("2020-03-05T15:15:00Z", report->published);
    os_strdup("2020-05-25T15:15:00Z", report->updated);
    os_strdup("cve@mitre.org", report->assigner);
    os_strdup("4.0", report->cve_version);
    report->pending = 1;
    report->is_hotfix = is_hotfix;
    // Impact
    os_strdup(vu_severities[VU_HIGH], report->severity);
    os_calloc(1, sizeof(cv_scoring_system), report->cvss2);
    os_strdup("2.0", report->cvss2->version);
    os_strdup("AV:N/AC:M/Au:N/C:N/I:N/A:C", report->cvss2->vector_string);
    report->cvss2->impact_score = 6.9;
    report->cvss2->exploitability_score = 8.6;
    report->cvss2->base_score = 7.1;
    os_calloc(1, sizeof(cv_scoring_system), report->cvss3);
    os_strdup("3.0", report->cvss3->version);
    os_strdup("AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", report->cvss3->vector_string);
    report->cvss3->impact_score = 3.6;
    report->cvss3->exploitability_score = 2.2;
    report->cvss3->base_score = 5.9;
    os_strdup("CWE-502", report->cwe);
    // References
    os_realloc(report->advisories, 2 * sizeof(char *), report->advisories);
    os_strdup("RHSA-2020:0975", report->advisories[0]);
    report->advisories[1] = NULL;
    os_realloc(report->bugzilla_references, 2 * sizeof(char *), report->bugzilla_references);
    os_strdup("http://rhn.redhat.org/cgi-bin/bugreport.cgi?bug=925286", report->bugzilla_references[0]);
    report->bugzilla_references[1] = NULL;
    os_realloc(report->references, 2 * sizeof(char *), report->references);
    os_strdup("http://rhn.redhat.com/errata/RHSA-2016-2582.html", report->references[0]);
    report->references[1] = NULL;
    os_realloc(report->ref_sources, 2 * sizeof(char *), report->ref_sources);
    os_strdup("REDHAT", report->ref_sources[0]);
    report->ref_sources[1] = NULL;
    // Reported software
    os_strdup("libhogweed4", report->software);
    os_strdup("nettle", report->source);
    os_strdup("o:microsoft:windows_server_2008:r2:sp1::::::", report->generated_cpe);
    os_strdup("3.4-1", report->version);
    os_strdup("CVE-2016-6489 reports as vulnerable all the versions of this package", report->operation);
    os_strdup("4.3-2", report->operation_value);
    os_strdup("amd64", report->arch);
    // Agent data
    os_strdup("001", report->agent_id);
    os_strdup("Ubuntu_WAgent", report->agent_name);

    return OS_SUCCESS;
}

static int build_test_hash_node(OSHashNode* node, uint8_t feed) {
    if (!node)
        return OS_INVALID;

    os_strdup("CVE-2016-6489", node->key);

    cve_vuln_pkg* data = NULL;
    os_calloc(1, sizeof(cve_vuln_pkg), data);
    if (!data) {
        os_free(node->key);
        return OS_INVALID;
    }

    node->data = data;

    cve_vuln_pkg* next = NULL;
    os_calloc(1, sizeof(cve_vuln_pkg), next);
    if (!next) {
        os_free(node->key);
        wm_vuldet_free_cve_node(node->data);
        return OS_INVALID;
    }

    ((cve_vuln_pkg*)node->data)->next = next;
    data->discard = 1;

    w_strdup("libhogweed4", next->bin_name);
    w_strdup("5.3.4", next->version);
    next->feed |= feed;

    cve_vuln_cond_NVD* nvd_cond = NULL;
    os_calloc(1, sizeof(cve_vuln_cond_NVD), nvd_cond);
    if (!nvd_cond) {
        os_free(node->key);
        wm_vuldet_free_cve_node(node->data);
        return OS_INVALID;
    }

    next->nvd_cond = nvd_cond;

    cve_vuln_cond *vuln_cond = NULL;
    os_calloc(1, sizeof(cve_vuln_cond), vuln_cond);
    if (!vuln_cond) {
        os_free(node->key);
        wm_vuldet_free_cve_node(node->data);
        return OS_INVALID;
    }

    //vuln_cond->pending = 1; CHECK
    os_strdup("Pending confirmation", vuln_cond->state);
    os_strdup("CVE-2016-6489 reports as vulnerable all the versions of this package", vuln_cond->operation);
    os_strdup("4.3-2", vuln_cond->operation_value);
    os_strdup("Package less than 4.3-2", vuln_cond->condition);

    next->vuln_cond = vuln_cond;

    return OS_SUCCESS;
}

static int setup_agent_software(void **state) {
    agent_software *agent = calloc(1, sizeof(agent_software));

    if(!agent) {
        return OS_INVALID;
    }

    agent->agent_id = strdup("000");
    *state = agent;
    test_mode = 1;
    return OS_SUCCESS;
}

static int teardown_agent_software(void **state) {
    agent_software *agent = *state;

    if(agent) {
        wm_vuldet_free_agent_software(agent);
    }

    return OS_SUCCESS;
}

static int setup_cve_report(void **state) {
    wm_vuldet_t *vuldet = calloc(1, sizeof(wm_vuldet_t));

    if (!vuldet) {
        return OS_INVALID;
    }

    state[REPORT_CVE_VULDET_POS] = vuldet;
    vuldet->flags.enabled = 1;
    vuldet->flags.run_on_start = 1;

    expect_string(__wrap_StartMQ, path, DEFAULTQPATH);
    expect_value(__wrap_StartMQ, type, WRITE);
    will_return(__wrap_StartMQ, 1);

    will_return_always(__wrap_OPENSSL_init_ssl, 1);
    will_return(__wrap_OPENSSL_init_crypto, 1);

    wm_vuldet_init(vuldet);

    vu_report *report = calloc(1, sizeof(vu_report));

    if(!report) {
        os_free(vuldet);
        return OS_INVALID;
    }

    state[REPORT_CVE_REPORT_POS] = report;
    wm_max_eps = 1000000;

    return OS_SUCCESS;
}

static int teardown_cve_report(void **state) {
    wm_vuldet_t *vuldet = state[REPORT_CVE_VULDET_POS];
    vu_report *report = state[REPORT_CVE_REPORT_POS];

    if(vuldet) {
        os_free(vuldet);
    }

    if(report) {
        wm_vuldet_free_report(report);
    }

    return OS_SUCCESS;
}

static int setup_package_comparison(void **state) {
    cve_vuln_pkg *Pkg1 = NULL;
    os_calloc(1, sizeof(cve_vuln_pkg), Pkg1);

    cve_vuln_pkg *Pkg2 = NULL;
    os_calloc(1, sizeof(cve_vuln_pkg), Pkg2);

    cve_vuln_cond_NVD* nvd_cond1 = NULL;
    os_calloc(1, sizeof(cve_vuln_cond_NVD), nvd_cond1);

    cve_vuln_cond_NVD* nvd_cond2 = NULL;
    os_calloc(1, sizeof(cve_vuln_cond_NVD), nvd_cond2);

    cve_vuln_cond* vuln_cond1 = NULL;
    os_calloc(1, sizeof(cve_vuln_cond), vuln_cond1);

    cve_vuln_cond* vuln_cond2 = NULL;
    os_calloc(1, sizeof(cve_vuln_cond), vuln_cond2);

    if (!Pkg1 || !Pkg2 || !nvd_cond1 || !nvd_cond2 || !vuln_cond1 || !vuln_cond2) {
        os_free(vuln_cond1);
        os_free(vuln_cond2);
        os_free(nvd_cond1);
        os_free(nvd_cond2);
        os_free(Pkg1);
        os_free(Pkg2);
        return OS_INVALID;
    }

    Pkg1->vuln_cond = vuln_cond1;
    Pkg2->vuln_cond = vuln_cond2;

    Pkg1->nvd_cond = nvd_cond1;
    Pkg2->nvd_cond = nvd_cond2;

    state[PKG1_POS] = Pkg1;
    state[PKG2_POS] = Pkg2;

    return OS_SUCCESS;
}

static int teardown_package_comparison(void **state) {
    cve_vuln_pkg *Pkg1 = state[PKG1_POS];
    cve_vuln_pkg *Pkg2 = state[PKG2_POS];

    if (Pkg1) wm_vuldet_free_cve_node(Pkg1);
    if (Pkg2) wm_vuldet_free_cve_node(Pkg2);

    return OS_SUCCESS;
}

static int setup_debian_json(void **state) {
    cJSON *json = __real_cJSON_CreateObject();
    *state = json;
    test_mode = 1;
    return 0;
}

static int teardown_debian_json(void **state) {
    cJSON *json = *state;
    if (json) {
        __real_cJSON_Delete(json);
    }
    test_mode = 0;
    return 0;
}

static int setup_group(void **state) {
    test_mode = 1;
    return 0;
}

static int teardown_group(void **state) {
    test_mode = 0;
    return 0;
}

static int setup_json_rh_parser_decode(void **state) {
    test_mode = 0;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return 0;
    }

    *state = parsed_vulnerabilities;

    return 0;
}

static int setup_json_rh_parser_decode_test_mode(void **state) {
    test_mode = 1;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return 0;
    }

    *state = parsed_vulnerabilities;

    return 0;
}

static int teardown_json_rh_parser_decode(void **state) {
    test_mode = 0;

    wm_vuldet_db *parsed_vulnerabilities = *state;

    if (parsed_vulnerabilities) {
        if (parsed_vulnerabilities->info_cves) {
            os_free(parsed_vulnerabilities->info_cves->cveid);
            os_free(parsed_vulnerabilities->info_cves->severity);
            os_free(parsed_vulnerabilities->info_cves->published);
            free_strarray(parsed_vulnerabilities->info_cves->refs->values);
            os_free(parsed_vulnerabilities->info_cves->refs);
            os_free(parsed_vulnerabilities->info_cves->description);
            os_free(parsed_vulnerabilities->info_cves->cvss);
            os_free(parsed_vulnerabilities->info_cves->cvss3);
            os_free(parsed_vulnerabilities->info_cves->cvss_vector);
            os_free(parsed_vulnerabilities->info_cves->cvss3_vector);
            free_strarray(parsed_vulnerabilities->info_cves->bugzilla_references->values);
            os_free(parsed_vulnerabilities->info_cves->bugzilla_references);
            free_strarray(parsed_vulnerabilities->info_cves->advisories->values);
            os_free(parsed_vulnerabilities->info_cves->advisories);
            os_free(parsed_vulnerabilities->info_cves->cwe);
            os_free(parsed_vulnerabilities->info_cves);
        }
        if (parsed_vulnerabilities->rh_vulnerabilities) {
            os_free(parsed_vulnerabilities->rh_vulnerabilities->cve_id);
            os_free(parsed_vulnerabilities->rh_vulnerabilities->OS_minor);
            os_free(parsed_vulnerabilities->rh_vulnerabilities->package_name);
            os_free(parsed_vulnerabilities->rh_vulnerabilities->package_version);
            struct rh_vulnerability *prev = parsed_vulnerabilities->rh_vulnerabilities->prev;
            os_free(parsed_vulnerabilities->rh_vulnerabilities);
            if (prev) {
                os_free(prev->cve_id);
                os_free(prev->OS_minor);
                os_free(prev->package_name);
                os_free(prev->package_version);
                os_free(prev);
            }
        }
        os_free(parsed_vulnerabilities->metadata.product_name);
        os_free(parsed_vulnerabilities->metadata.product_version);
        os_free(parsed_vulnerabilities->metadata.schema_version);
        os_free(parsed_vulnerabilities->metadata.timestamp);
        os_free(parsed_vulnerabilities);
    }

    return 0;
}

static int setup_info_cves(void **state) {
    info_cve *info_cves = calloc(1, sizeof(info_cve));

    struct references * refs = calloc(1, sizeof(struct references));
    struct references *bugzilla_references = calloc(1, sizeof(struct references));
    struct references *advisories = calloc(1, sizeof(struct references));

    if(!info_cves) {
        return OS_INVALID;
    }

    os_strdup("CVE-1234-1234", info_cves->cveid);
    os_strdup("title", info_cves->title);
    os_strdup("severity", info_cves->severity);
    os_strdup("published", info_cves->published);
    os_strdup("updated", info_cves->updated);
    info_cves->refs = refs;
    info_cves->refs->elements = 1;
    os_realloc(info_cves->refs->values, 2 * sizeof(char *), info_cves->refs->values);
    os_strdup("refs value", info_cves->refs->values[0]);
    info_cves->refs->values[1] = NULL;
    os_strdup("description", info_cves->description);
    os_strdup("cvss", info_cves->cvss);
    os_strdup("cvss3", info_cves->cvss3);
    os_strdup("cvss_vector", info_cves->cvss_vector);
    os_strdup("cvss3_vector", info_cves->cvss3_vector);
    info_cves->bugzilla_references = bugzilla_references;
    info_cves->bugzilla_references->elements = 1;
    os_realloc(info_cves->bugzilla_references->values, 2 * sizeof(char *), info_cves->bugzilla_references->values);
    os_strdup("bugzilla value", info_cves->bugzilla_references->values[0]);
    info_cves->bugzilla_references->values[1] = NULL;
    info_cves->advisories = advisories;
    info_cves->advisories->elements = 1;
    os_realloc(info_cves->advisories->values, 2 * sizeof(char *), info_cves->advisories->values);
    os_strdup("advisories value", info_cves->advisories->values[0]);
    info_cves->advisories->values[1] = NULL;
    os_strdup("cwe", info_cves->cwe);
    info_cves->flags = 1;
    info_cves->prev = NULL;

    *state = info_cves;

    return OS_SUCCESS;
}

static int teardown_info_cves(void **state) {

    info_cve *info_cves = *state;

    if(info_cves) {
        if (info_cves->refs)
            free_strarray(info_cves->refs->values);

        if (info_cves->bugzilla_references)
            free_strarray(info_cves->bugzilla_references->values);

        if (info_cves->advisories)
            free_strarray(info_cves->advisories->values);

        free(info_cves->cveid);
        free(info_cves->title);
        free(info_cves->severity);
        free(info_cves->published);
        free(info_cves->updated);
        free(info_cves->refs);
        free(info_cves->description);
        free(info_cves->cvss);
        free(info_cves->cvss_vector);
        free(info_cves->cvss3);
        free(info_cves->cvss3_vector);
        free(info_cves->bugzilla_references);
        free(info_cves->advisories);
        free(info_cves->cwe);
        free(info_cves);
    }

    return OS_SUCCESS;
}

/* tests */

/* wm_vuldet_get_os_unix_info */
void test_wm_vuldet_get_os_unix_info (void **state)
{
    agent_software *agent = *state;

    const char *query = "agent 000 sql SELECT OS_MAJOR, OS_MINOR, OS_PATCH, RELEASE FROM SYS_OSINFO;";
    size_t query_size = strlen(query) + 1;

    char *response = "ok [{\"os_major\":\"10.0\",\"os_minor\":\"1\",\"release\":\"4.5.1\"}]";
    size_t response_size = strlen(response) + 1;

    expect_string(__wrap_OS_ConnectUnixDomain, path, WDB_LOCAL_SOCK_PATH);
    expect_value(__wrap_OS_ConnectUnixDomain, type, SOCK_STREAM);
    expect_value(__wrap_OS_ConnectUnixDomain, max_msg_size, OS_SIZE_6144);
    will_return(__wrap_OS_ConnectUnixDomain, 11111);

    expect_value(__wrap_OS_SendSecureTCP, sock, 11111);
    expect_value(__wrap_OS_SendSecureTCP, size, query_size);
    expect_string(__wrap_OS_SendSecureTCP, msg, query);
    will_return(__wrap_OS_SendSecureTCP, 0);

    expect_value(__wrap_OS_RecvSecureTCP, sock, 11111);
    expect_value(__wrap_OS_RecvSecureTCP, size, OS_SIZE_128);
    will_return(__wrap_OS_RecvSecureTCP, response);
    will_return(__wrap_OS_RecvSecureTCP, response_size);

    cJSON* parsed_json = __real_cJSON_CreateArray();
    cJSON* object = __real_cJSON_CreateObject();
    __real_cJSON_AddItemToArray(parsed_json, object);
    cJSON* os_major = __real_cJSON_CreateString("10.0");
    cJSON* os_minor = __real_cJSON_CreateString("1");
    cJSON* release = __real_cJSON_CreateString("4.5.1");
    __real_cJSON_AddItemToObject(object, "os_major", os_major);
    __real_cJSON_AddItemToObject(object, "os_minor", os_minor);
    __real_cJSON_AddItemToObject(object, "release", release);

    will_return(__wrap_cJSON_Parse, parsed_json);
    will_return(__wrap_cJSON_GetObjectItem, os_major);
    will_return(__wrap_cJSON_GetObjectItem, os_minor);
    will_return(__wrap_cJSON_GetObjectItem, NULL);
    will_return(__wrap_cJSON_GetObjectItem, release);

    expect_function_call(__wrap_cJSON_Delete);

    int ret = wm_vuldet_get_os_unix_info(agent);

    assert_int_equal(ret, 0);
    assert_string_equal(agent->os_release, "10.0.1");
    assert_string_equal(agent->kernel_release, "4.5.1");

    __real_cJSON_Delete(parsed_json);
}

void test_wm_vuldet_get_os_unix_info_only_major(void **state)
{
    agent_software *agent = *state;

    const char *query = "agent 000 sql SELECT OS_MAJOR, OS_MINOR, OS_PATCH, RELEASE FROM SYS_OSINFO;";
    size_t query_size = strlen(query) + 1;

    char *response = "ok [{\"os_major\":\"10.0 LTS\"}]";
    size_t response_size = strlen(response) + 1;

    expect_value(__wrap_OS_SendSecureTCP, sock, 11111);
    expect_value(__wrap_OS_SendSecureTCP, size, query_size);
    expect_string(__wrap_OS_SendSecureTCP, msg, query);
    will_return(__wrap_OS_SendSecureTCP, 0);

    expect_value(__wrap_OS_RecvSecureTCP, sock, 11111);
    expect_value(__wrap_OS_RecvSecureTCP, size, OS_SIZE_128);
    will_return(__wrap_OS_RecvSecureTCP, response);
    will_return(__wrap_OS_RecvSecureTCP, response_size);

    cJSON* parsed_json = __real_cJSON_CreateArray();
    cJSON* object = __real_cJSON_CreateObject();
    __real_cJSON_AddItemToArray(parsed_json, object);
    cJSON* os_major = __real_cJSON_CreateString("10.0");
    __real_cJSON_AddItemToObject(object, "os_major", os_major);

    will_return(__wrap_cJSON_Parse, parsed_json);
    will_return(__wrap_cJSON_GetObjectItem, os_major);
    will_return(__wrap_cJSON_GetObjectItem, NULL);
    will_return(__wrap_cJSON_GetObjectItem, NULL);
    will_return(__wrap_cJSON_GetObjectItem, NULL);

    expect_function_call(__wrap_cJSON_Delete);

    int ret = wm_vuldet_get_os_unix_info(agent);

    assert_int_equal(ret, 0);
    assert_string_equal(agent->os_release, "10.0.0");
    assert_null(agent->kernel_release);

    __real_cJSON_Delete(parsed_json);
}

void test_wm_vuldet_get_os_unix_info_only_release(void **state)
{
    agent_software *agent = *state;

    const char *query = "agent 000 sql SELECT OS_MAJOR, OS_MINOR, OS_PATCH, RELEASE FROM SYS_OSINFO;";
    size_t query_size = strlen(query) + 1;

    char *response = "ok [{\"release\":\"4.5.1\"}]";
    size_t response_size = strlen(response) + 1;

    expect_value(__wrap_OS_SendSecureTCP, sock, 11111);
    expect_value(__wrap_OS_SendSecureTCP, size, query_size);
    expect_string(__wrap_OS_SendSecureTCP, msg, query);
    will_return(__wrap_OS_SendSecureTCP, 0);

    expect_value(__wrap_OS_RecvSecureTCP, sock, 11111);
    expect_value(__wrap_OS_RecvSecureTCP, size, OS_SIZE_128);
    will_return(__wrap_OS_RecvSecureTCP, response);
    will_return(__wrap_OS_RecvSecureTCP, response_size);

    cJSON* parsed_json = __real_cJSON_CreateArray();
    cJSON* object = __real_cJSON_CreateObject();
    __real_cJSON_AddItemToArray(parsed_json, object);
    cJSON* release = __real_cJSON_CreateString("4.5.1");
    __real_cJSON_AddItemToObject(object, "release", release);

    will_return(__wrap_cJSON_Parse, parsed_json);
    will_return(__wrap_cJSON_GetObjectItem, NULL);
    will_return(__wrap_cJSON_GetObjectItem, release);

    expect_function_call(__wrap_cJSON_Delete);

    int ret = wm_vuldet_get_os_unix_info(agent);

    assert_int_equal(ret, 0);
    assert_null(agent->os_release);
    assert_string_equal(agent->kernel_release, "4.5.1");

    __real_cJSON_Delete(parsed_json);
}

void test_wm_vuldet_get_os_unix_info_null_agent(void **state)
{
    agent_software *agent = *state;

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5566): The agent structure is not initialized.");

    int ret = wm_vuldet_get_os_unix_info(agent);

    assert_int_equal(ret, -1);
}

void test_wm_vuldet_get_os_unix_info_request_invalid(void **state)
{
    agent_software *agent = *state;

    const char *query = "agent 000 sql SELECT OS_MAJOR, OS_MINOR, OS_PATCH, RELEASE FROM SYS_OSINFO;";
    size_t query_size = strlen(query) + 1;

    expect_value(__wrap_OS_SendSecureTCP, sock, 11111);
    expect_value(__wrap_OS_SendSecureTCP, size, query_size);
    expect_string(__wrap_OS_SendSecureTCP, msg, query);
    will_return(__wrap_OS_SendSecureTCP, 0);

    expect_value(__wrap_OS_RecvSecureTCP, sock, 11111);
    expect_value(__wrap_OS_RecvSecureTCP, size, OS_SIZE_128);
    will_return(__wrap_OS_RecvSecureTCP, "");
    will_return(__wrap_OS_RecvSecureTCP, 0);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5568): Couldn't get the OS information of the agent '000'");

    int ret = wm_vuldet_get_os_unix_info(agent);

    assert_int_equal(ret, -1);
    assert_null(agent->os_release);
    assert_null(agent->kernel_release);
}

void test_wm_vuldet_get_os_unix_info_request_error(void **state)
{
    agent_software *agent = *state;

    const char *query = "agent 000 sql SELECT OS_MAJOR, OS_MINOR, OS_PATCH, RELEASE FROM SYS_OSINFO;";
    size_t query_size = strlen(query) + 1;

    expect_string(__wrap_OS_ConnectUnixDomain, path, WDB_LOCAL_SOCK_PATH);
    expect_value(__wrap_OS_ConnectUnixDomain, type, SOCK_STREAM);
    expect_value(__wrap_OS_ConnectUnixDomain, max_msg_size, OS_SIZE_6144);
    will_return(__wrap_OS_ConnectUnixDomain, 11111);

    expect_value(__wrap_OS_SendSecureTCP, sock, 11111);
    expect_value(__wrap_OS_SendSecureTCP, size, query_size);
    expect_string(__wrap_OS_SendSecureTCP, msg, query);
    will_return(__wrap_OS_SendSecureTCP, 0);

    expect_value(__wrap_OS_RecvSecureTCP, sock, 11111);
    expect_value(__wrap_OS_RecvSecureTCP, size, OS_SIZE_128);
    will_return(__wrap_OS_RecvSecureTCP, "err");
    will_return(__wrap_OS_RecvSecureTCP, 3);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5530): Invalid response from wazuh-db: 'err'");

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5568): Couldn't get the OS information of the agent '000'");

    int ret = wm_vuldet_get_os_unix_info(agent);

    assert_int_equal(ret, -1);
    assert_null(agent->os_release);
    assert_null(agent->kernel_release);
}

void test_wm_vuldet_get_os_unix_info_request_empty(void **state)
{
    agent_software *agent = *state;

    const char *query = "agent 000 sql SELECT OS_MAJOR, OS_MINOR, OS_PATCH, RELEASE FROM SYS_OSINFO;";
    size_t query_size = strlen(query) + 1;

    expect_value(__wrap_OS_SendSecureTCP, sock, 11111);
    expect_value(__wrap_OS_SendSecureTCP, size, query_size);
    expect_string(__wrap_OS_SendSecureTCP, msg, query);
    will_return(__wrap_OS_SendSecureTCP, 0);

    expect_value(__wrap_OS_RecvSecureTCP, sock, 11111);
    expect_value(__wrap_OS_RecvSecureTCP, size, OS_SIZE_128);
    will_return(__wrap_OS_RecvSecureTCP, "ok []");
    will_return(__wrap_OS_RecvSecureTCP, 5);

    int ret = wm_vuldet_get_os_unix_info(agent);

    assert_int_equal(ret, 0);
    assert_null(agent->os_release);
    assert_null(agent->kernel_release);
}

void test_wm_vuldet_get_os_unix_info_request_parse_error(void **state)
{
    agent_software *agent = *state;

    const char *query = "agent 000 sql SELECT OS_MAJOR, OS_MINOR, OS_PATCH, RELEASE FROM SYS_OSINFO;";
    size_t query_size = strlen(query) + 1;

    expect_value(__wrap_OS_SendSecureTCP, sock, 11111);
    expect_value(__wrap_OS_SendSecureTCP, size, query_size);
    expect_string(__wrap_OS_SendSecureTCP, msg, query);
    will_return(__wrap_OS_SendSecureTCP, 0);

    expect_value(__wrap_OS_RecvSecureTCP, sock, 11111);
    expect_value(__wrap_OS_RecvSecureTCP, size, OS_SIZE_128);
    will_return(__wrap_OS_RecvSecureTCP, "ok answer");
    will_return(__wrap_OS_RecvSecureTCP, 9);

    will_return(__wrap_cJSON_Parse, NULL);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5568): Couldn't get the OS information of the agent '000'");

    int ret = wm_vuldet_get_os_unix_info(agent);

    assert_int_equal(ret, -1);
    assert_null(agent->os_release);
    assert_null(agent->kernel_release);
}

void test_wm_vuldet_get_os_unix_info_mac (void **state)
{
    agent_software *agent = *state;

    const char *query = "agent 000 sql SELECT OS_MAJOR, OS_MINOR, OS_PATCH, RELEASE FROM SYS_OSINFO;";
    size_t query_size = strlen(query) + 1;

    char *response = "ok [{\"os_major\":\"10\",\"os_minor\":\"15\",\"os_patch\":\"1\",\"release\":\"19.0.0\"}]";
    size_t response_size = strlen(response) + 1;

    expect_value(__wrap_OS_SendSecureTCP, sock, 11111);
    expect_value(__wrap_OS_SendSecureTCP, size, query_size);
    expect_string(__wrap_OS_SendSecureTCP, msg, query);
    will_return(__wrap_OS_SendSecureTCP, 0);

    expect_value(__wrap_OS_RecvSecureTCP, sock, 11111);
    expect_value(__wrap_OS_RecvSecureTCP, size, OS_SIZE_128);
    will_return(__wrap_OS_RecvSecureTCP, response);
    will_return(__wrap_OS_RecvSecureTCP, response_size);

    cJSON* parsed_json = __real_cJSON_CreateArray();
    cJSON* object = __real_cJSON_CreateObject();
    __real_cJSON_AddItemToArray(parsed_json, object);
    cJSON* os_major = __real_cJSON_CreateString("10");
    cJSON* os_minor = __real_cJSON_CreateString("15");
    cJSON* os_patch = __real_cJSON_CreateString("1");
    cJSON* release = __real_cJSON_CreateString("19.0.0");
    __real_cJSON_AddItemToObject(object, "os_major", os_major);
    __real_cJSON_AddItemToObject(object, "os_minor", os_minor);
    __real_cJSON_AddItemToObject(object, "os_patch", os_patch);
    __real_cJSON_AddItemToObject(object, "release", release);

    will_return(__wrap_cJSON_Parse, parsed_json);
    will_return(__wrap_cJSON_GetObjectItem, os_major);
    will_return(__wrap_cJSON_GetObjectItem, os_minor);
    will_return(__wrap_cJSON_GetObjectItem, os_patch);
    will_return(__wrap_cJSON_GetObjectItem, release);

    expect_function_call(__wrap_cJSON_Delete);

    agent->dist = FEED_MAC;
    int ret = wm_vuldet_get_os_unix_info(agent);

    assert_int_equal(ret, 0);
    assert_string_equal(agent->os_release, "10.15.1");
    assert_string_equal(agent->kernel_release, "19.0.0");

    __real_cJSON_Delete(parsed_json);
}

/* wm_vuldet_linux_rm_nvd_not_affected_packages */

void test_wm_vuldet_linux_rm_nvd_not_affected_packages_oval()
{
    sqlite3 *db = NULL;
    agent_software *agent = NULL;
    const char *cve  = NULL;
    cve_vuln_pkg *first = NULL;
    int *vuln_discarded = NULL;

    os_calloc(1, sizeof(cve_vuln_pkg), first);
    first->feed = VU_SRC_OVAL;
    int ret = wm_vuldet_linux_rm_nvd_not_affected_packages(db, agent, cve, first, vuln_discarded);
    assert_int_equal(ret, 0);

    os_free(first);
}

void test_wm_vuldet_linux_rm_nvd_not_affected_packages_vendor_Ubuntu(void **state)
{
    sqlite3 *db = NULL;
    agent_software *agent = *state;
    const char *cve = "CVE-000-000";
    cve_vuln_pkg *first = NULL;
    int *vuln_discarded = NULL;

    os_calloc(1, sizeof(cve_vuln_pkg), first);
    os_calloc(1, sizeof(int), vuln_discarded);

    first->feed = VU_SRC_NVD;
    first->bin_name = "test-wazuh";
    first->vendor = "ubuntu";
    agent->dist = FEED_UBUNTU;

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5462): Package 'test-wazuh' not vulnerable to 'CVE-000-000' since it is not affected (feed 'OVAL').");

    int ret = wm_vuldet_linux_rm_nvd_not_affected_packages(db, agent, cve, first, vuln_discarded);
    assert_int_equal(ret, 0);

    os_free(first);
    os_free(vuln_discarded);
}

void test_wm_vuldet_linux_rm_nvd_not_affected_packages_vendor_Debian(void **state)
{
    sqlite3 *db = NULL;
    agent_software *agent = *state;
    const char *cve = "CVE-000-000";
    cve_vuln_pkg *first = NULL;
    int *vuln_discarded = NULL;

    os_calloc(1, sizeof(cve_vuln_pkg), first);
    os_calloc(1, sizeof(int), vuln_discarded);

    first->feed = VU_SRC_NVD;
    first->bin_name = "test-wazuh";
    first->vendor = "debian";
    agent->dist = FEED_DEBIAN;

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5462): Package 'test-wazuh' not vulnerable to 'CVE-000-000' since it is not affected (feed 'OVAL').");

    int ret = wm_vuldet_linux_rm_nvd_not_affected_packages(db, agent, cve, first, vuln_discarded);
    assert_int_equal(ret, 0);

    os_free(first);
    os_free(vuln_discarded);
}

void test_wm_vuldet_linux_rm_nvd_not_affected_packages_vendor_RedHat(void **state)
{
    sqlite3 *db = NULL;
    agent_software *agent = *state;
    const char *cve = "CVE-000-000";
    cve_vuln_pkg *first = NULL;
    int *vuln_discarded = NULL;

    os_calloc(1, sizeof(cve_vuln_pkg), first);
    os_calloc(1, sizeof(int), vuln_discarded);

    first->feed = VU_SRC_NVD;
    first->bin_name = "test-wazuh";
    first->vendor = "Red Hat, Inc.";
    agent->dist = FEED_REDHAT;

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5462): Package 'test-wazuh' not vulnerable to 'CVE-000-000' since it is not affected (feed 'OVAL').");

    int ret = wm_vuldet_linux_rm_nvd_not_affected_packages(db, agent, cve, first, vuln_discarded);
    assert_int_equal(ret, 0);

    os_free(first);
    os_free(vuln_discarded);
}

void test_wm_vuldet_linux_rm_nvd_not_affected_packages_vuln_count_failed_prepare(void **state)
{
    sqlite3 *db = NULL;
    agent_software *agent = *state;
    const char *cve = "CVE-000-000";
    cve_vuln_pkg *first = NULL;
    int *vuln_discarded = NULL;

    os_calloc(1, sizeof(cve_vuln_pkg), first);
    first->feed = VU_SRC_NVD;
    first->bin_name = "test-wazuh";

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);
    will_return(__wrap_sqlite3_errmsg, "error");

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5573): Couldn't verify if the vulnerability 'CVE-000-000' of the package 'test-wazuh' is already patched.");

    will_return(__wrap_sqlite3_close_v2, 0);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");

    int ret = wm_vuldet_linux_rm_nvd_not_affected_packages(db, agent, cve, first, vuln_discarded);
    assert_int_equal(ret, OS_INVALID);

    os_free(first);
}

void test_wm_vuldet_linux_rm_nvd_not_affected_packages_nvd_debian_discard(void **state)
{
    sqlite3 *db = NULL;
    agent_software *agent = *state;
    const char *cve = "CVE-000-000";
    cve_vuln_pkg *first = NULL;
    int *vuln_discarded = NULL;

    os_calloc(1, sizeof(int), vuln_discarded);
    os_calloc(1, sizeof(cve_vuln_pkg), first);
    first->feed = VU_SRC_NVD;
    first->bin_name = "test-wazuh";
    first->src_name = "test-wazuh-src";
    first->vendor = "Wazuh Inc.";
    agent->dist = FEED_DEBIAN;
    agent->dist_ver = FEED_STRETCH;

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, cve);
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "STRETCH");

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_int, iCol, 0);
    will_return(__wrap_sqlite3_column_int, 1);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5462): Package 'test-wazuh' not vulnerable to 'CVE-000-000' since it is not affected (feed 'OVAL').");

    int ret = wm_vuldet_linux_rm_nvd_not_affected_packages(db, agent, cve, first, vuln_discarded);
    assert_int_equal(ret, 0);
    assert_int_equal(*vuln_discarded, 1);

    os_free(first);
    os_free(vuln_discarded);
}

void test_wm_vuldet_linux_rm_nvd_not_affected_packages_nvd_ubuntu_discard(void **state)
{
    sqlite3 *db = NULL;
    agent_software *agent = *state;
    const char *cve = "CVE-000-000";
    cve_vuln_pkg *first = NULL;
    int *vuln_discarded = NULL;

    os_calloc(1, sizeof(int), vuln_discarded);
    os_calloc(1, sizeof(cve_vuln_pkg), first);
    first->feed = VU_SRC_NVD;
    first->bin_name = "test-wazuh";
    first->src_name = "test-wazuh-src";
    first->vendor = "Wazuh Inc.";
    agent->dist = FEED_UBUNTU;
    agent->dist_ver = FEED_FOCAL;

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, cve);
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_int, iCol, 0);
    will_return(__wrap_sqlite3_column_int, 1);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5462): Package 'test-wazuh' not vulnerable to 'CVE-000-000' since it is not affected (feed 'OVAL').");

    int ret = wm_vuldet_linux_rm_nvd_not_affected_packages(db, agent, cve, first, vuln_discarded);
    assert_int_equal(ret, 0);
    assert_int_equal(*vuln_discarded, 1);

    os_free(first);
    os_free(vuln_discarded);
}

void test_wm_vuldet_linux_rm_nvd_not_affected_packages_nvd_ubuntu_feeds(void **state)
{
    sqlite3 *db = NULL;
    agent_software *agent = *state;
    const char *cve = "CVE-000-000";
    cve_vuln_pkg *first = NULL;
    int *vuln_discarded = NULL;

    os_calloc(1, sizeof(cve_vuln_pkg), first);
    first->feed = VU_SRC_NVD;
    first->bin_name = "test-wazuh";
    first->vendor = "Wazuh Inc.";
    agent->dist = FEED_UBUNTU;
    agent->dist_ver = FEED_FOCAL;

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, cve);
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");

    expect_sqlite3_step_call(SQLITE_DONE);

    int ret = wm_vuldet_linux_rm_nvd_not_affected_packages(db, agent, cve, first, vuln_discarded);
    assert_int_equal(ret, 0);

    os_free(first);
}

/* wm_vuldet_linux_rm_nvd_not_dependencies_met_packages */

void test_wm_vuldet_linux_rm_nvd_not_dependencies_met_packages_OVAL()
{
    cve_vuln_pkg *pkg = NULL;
    int *vuln_discarded = NULL;
    const char *cve = NULL;

    os_calloc(1, sizeof(cve_vuln_pkg), pkg);
    pkg->feed = VU_SRC_OVAL;
    wm_vuldet_linux_rm_nvd_not_dependencies_met_packages(cve, pkg, vuln_discarded);

    os_free(pkg);
}

void test_wm_vuldet_linux_rm_nvd_not_dependencies_met_packages_children_not_found()
{
    cve_vuln_pkg *pkg = NULL;
    int *vuln_discarded = NULL;
    const char *cve = NULL;

    os_calloc(1, sizeof(cve_vuln_pkg), pkg);
    os_calloc(1, sizeof(int), vuln_discarded);
    os_calloc(1, sizeof(cve_vuln_cond_NVD), pkg->nvd_cond);

    pkg->feed = VU_SRC_NVD;
    pkg->bin_name = "test-wazuh";
    pkg->nvd_cond->operator = "AND";
    pkg->nvd_cond->id = 7;
    pkg->nvd_cond->children[0] = 2;
    cve = "CVE-OOO-OOO";

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5463): Package 'test-wazuh' not vulnerable to 'CVE-OOO-OOO' since it don't meet its 'children' dependency on package with ID '2'");

    wm_vuldet_linux_rm_nvd_not_dependencies_met_packages(cve, pkg, vuln_discarded);
    assert_int_equal(*vuln_discarded, 1);

    os_free(pkg->nvd_cond);
    os_free(pkg);
    os_free(vuln_discarded);
}

void test_wm_vuldet_linux_rm_nvd_not_dependencies_met_packages_children_found()
{
    cve_vuln_pkg *pkg = NULL;
    int *vuln_discarded = NULL;
    const char *cve = NULL;

    os_calloc(1, sizeof(cve_vuln_pkg), pkg);
    os_calloc(1, sizeof(int), vuln_discarded);
    os_calloc(1, sizeof(cve_vuln_cond_NVD), pkg->nvd_cond);

    pkg->feed = VU_SRC_NVD;
    pkg->bin_name = "test-wazuh";
    pkg->nvd_cond->operator= "AND";
    pkg->nvd_cond->id = 7;
    pkg->nvd_cond->children[0] = 7; // the package has itself as a dependency
    cve = "CVE-OOO-OOO";

    wm_vuldet_linux_rm_nvd_not_dependencies_met_packages(cve, pkg, vuln_discarded);
    assert_int_equal(*vuln_discarded, 0);

    os_free(pkg->nvd_cond);
    os_free(pkg);
    os_free(vuln_discarded);
}

void test_wm_vuldet_linux_rm_nvd_not_dependencies_met_packages_siblings_not_found()
{
    cve_vuln_pkg *pkg = NULL;
    int *vuln_discarded = NULL;
    const char *cve = NULL;

    os_calloc(1, sizeof(cve_vuln_pkg), pkg);
    os_calloc(1, sizeof(int), vuln_discarded);
    os_calloc(1, sizeof(cve_vuln_cond_NVD), pkg->nvd_cond);

    pkg->feed = VU_SRC_NVD;
    pkg->bin_name = "test-wazuh";
    pkg->nvd_cond->parent = 1;
    pkg->nvd_cond->operator = "OR";
    pkg->nvd_cond->id = 7;
    pkg->nvd_cond->siblings[0] = 2;
    cve = "CVE-OOO-OOO";

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5463): Package 'test-wazuh' not vulnerable to 'CVE-OOO-OOO' since it don't meet its 'sibling' dependency on package with ID '2'");

    wm_vuldet_linux_rm_nvd_not_dependencies_met_packages(cve, pkg, vuln_discarded);
    assert_int_equal(*vuln_discarded, 1);

    os_free(pkg->nvd_cond);
    os_free(pkg);
    os_free(vuln_discarded);
}

void test_wm_vuldet_linux_rm_nvd_not_dependencies_met_packages_siblings_found()
{
    cve_vuln_pkg *pkg = NULL;
    int *vuln_discarded = NULL;
    const char *cve = NULL;

    os_calloc(1, sizeof(cve_vuln_pkg), pkg);
    os_calloc(1, sizeof(int), vuln_discarded);
    os_calloc(1, sizeof(cve_vuln_cond_NVD), pkg->nvd_cond);

    pkg->feed = VU_SRC_NVD;
    pkg->bin_name = "test-wazuh";
    pkg->nvd_cond->parent = 1;
    pkg->nvd_cond->operator= "OR";
    pkg->nvd_cond->conf_id = 7;
    pkg->nvd_cond->siblings[0] = 7; // the package has itself as a dependency
    cve = "CVE-OOO-OOO";

    wm_vuldet_linux_rm_nvd_not_dependencies_met_packages(cve, pkg, vuln_discarded);
    assert_int_equal(*vuln_discarded, 0);

    os_free(pkg->nvd_cond);
    os_free(pkg);
    os_free(vuln_discarded);
}

/* wm_vuldet_linux_rm_nvd_not_vulnerable_packages */

void test_wm_vuldet_linux_rm_nvd_not_vulnerable_packages_oval()
{
    cve_vuln_pkg *pkg = NULL;
    int *vuln_discarded = NULL;
    const char *cve = NULL;

    os_calloc(1, sizeof(cve_vuln_pkg), pkg);
    os_calloc(1, sizeof(int), vuln_discarded);
    os_calloc(1, sizeof(cve_vuln_cond_NVD), pkg->nvd_cond);
    pkg->feed == VU_SRC_OVAL;

    wm_vuldet_linux_rm_nvd_not_vulnerable_packages(cve, pkg, vuln_discarded);
    assert_int_equal(*vuln_discarded, 0);

    os_free(pkg->nvd_cond);
    os_free(pkg);
    os_free(vuln_discarded);
}

void test_wm_vuldet_linux_rm_nvd_not_vulnerable_packages_discarded()
{
    cve_vuln_pkg *pkg = NULL;
    int *vuln_discarded = NULL;
    const char *cve = NULL;

    os_calloc(1, sizeof(cve_vuln_pkg), pkg);
    os_calloc(1, sizeof(int), vuln_discarded);
    os_calloc(1, sizeof(cve_vuln_cond_NVD), pkg->nvd_cond);

    pkg->bin_name = "test-wazuh";
    pkg->feed = VU_SRC_NVD;
    cve = "CVE-000-000";

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5464): Package 'test-wazuh' not vulnerable to 'CVE-000-000' since it is a dependency not vulnerable.");

    wm_vuldet_linux_rm_nvd_not_vulnerable_packages(cve, pkg, vuln_discarded);
    assert_int_equal(*vuln_discarded, 1);

    os_free(pkg->nvd_cond);
    os_free(pkg);
    os_free(vuln_discarded);
}

/* wm_vuldet_linux_rm_oval_not_affected_packages */

void test_wm_vuldet_linux_rm_oval_not_affected_packages_source_failed_prepare_nvd_count()
{
    sqlite3 *db = (sqlite3 *)1;
    cve_vuln_pkg *pkg = NULL;
    int *vuln_discarded = NULL;
    const char *cve = NULL;

    os_calloc(1, sizeof(cve_vuln_pkg), pkg);
    os_calloc(1, sizeof(int), vuln_discarded);
    os_calloc(1, sizeof(cve_vuln_cond), pkg->vuln_cond);

    pkg->vuln_cond->state = "Unfixed";
    pkg->feed = VU_SRC_OVAL;
    pkg->bin_name = "test-wazuh";
    pkg->src_name = "test-wazuh-src";
    cve = "CVE-000-000";

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);
    will_return(__wrap_sqlite3_errmsg, "error");

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5584): Couldn't verify if the vulnerability 'CVE-000-000' is reported in the NVD feed.");

    will_return(__wrap_sqlite3_close_v2, 0);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");

    int ret = wm_vuldet_linux_rm_oval_not_affected_packages(db, cve, pkg, vuln_discarded);
    assert_int_equal(ret, OS_INVALID);

    os_free(pkg->vuln_cond);
    os_free(pkg);
    os_free(vuln_discarded);
}

void test_wm_vuldet_linux_rm_oval_not_affected_packages_source_no_nvd_cve()
{
    sqlite3 *db = (sqlite3 *)1;
    cve_vuln_pkg *pkg = NULL;
    int *vuln_discarded = NULL;
    const char *cve = NULL;

    os_calloc(1, sizeof(cve_vuln_pkg), pkg);
    os_calloc(1, sizeof(int), vuln_discarded);
    os_calloc(1, sizeof(cve_vuln_cond), pkg->vuln_cond);

    pkg->vuln_cond->state = "Unfixed";
    pkg->feed = VU_SRC_OVAL;
    pkg->bin_name = "test-wazuh";
    pkg->src_name = "test-wazuh-src";
    cve = "CVE-000-000";

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, cve);

    expect_sqlite3_step_call(SQLITE_DONE);

    int ret = wm_vuldet_linux_rm_oval_not_affected_packages(db, cve, pkg, vuln_discarded);
    assert_int_equal(ret, OS_SUCCESS);

    os_free(pkg->vuln_cond);
    os_free(pkg);
    os_free(vuln_discarded);
}

void test_wm_vuldet_linux_rm_oval_not_affected_packages_source_failed_prepare_matches_count()
{
    sqlite3 *db = (sqlite3 *)1;
    cve_vuln_pkg *pkg = NULL;
    int *vuln_discarded = NULL;
    const char *cve = NULL;

    os_calloc(1, sizeof(cve_vuln_pkg), pkg);
    os_calloc(1, sizeof(int), vuln_discarded);
    os_calloc(1, sizeof(cve_vuln_cond), pkg->vuln_cond);

    pkg->vuln_cond->state = "Unfixed";
    pkg->feed = VU_SRC_OVAL;
    pkg->bin_name = "test-wazuh";
    pkg->src_name = "test-wazuh-src";
    cve = "CVE-000-000";

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, cve);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_int, iCol, 0);
    will_return(__wrap_sqlite3_column_int, 1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);
    will_return(__wrap_sqlite3_errmsg, "error");

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5573): Couldn't verify if the vulnerability 'CVE-000-000' of the package 'test-wazuh' is already patched.");

    will_return(__wrap_sqlite3_close_v2, 0);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");

    int ret = wm_vuldet_linux_rm_oval_not_affected_packages(db, cve, pkg, vuln_discarded);
    assert_int_equal(ret, OS_INVALID);

    os_free(pkg->vuln_cond);
    os_free(pkg);
    os_free(vuln_discarded);
}

void test_wm_vuldet_linux_rm_oval_not_affected_packages_same_source()
{
    sqlite3 *db = (sqlite3 *)1;
    cve_vuln_pkg *pkg = NULL;
    int *vuln_discarded = NULL;
    const char *cve = NULL;

    os_calloc(2, sizeof(cve_vuln_pkg), pkg);
    os_calloc(1, sizeof(int), vuln_discarded);
    os_calloc(1, sizeof(cve_vuln_cond), pkg[0].vuln_cond);
    os_calloc(1, sizeof(cve_vuln_cond), pkg[1].vuln_cond);

    pkg[0].vuln_cond->state = "Unfixed";
    pkg[0].feed = VU_SRC_OVAL;
    pkg[0].bin_name = "test-wazuh";
    pkg[0].src_name = "test-wazuh-src";
    pkg[0].next = &pkg[1];

    pkg[1].vuln_cond->state = "fixed";
    pkg[1].feed = VU_SRC_OVAL;
    pkg[1].bin_name = "test-wazuh";
    pkg[1].src_name = "test-wazuh-src";

    cve = "CVE-000-000";

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, cve);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_int, iCol, 0);
    will_return(__wrap_sqlite3_column_int, 1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, cve);
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, pkg[0].bin_name);
    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    expect_string(__wrap_sqlite3_bind_text, buffer, pkg[0].src_name);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_int, iCol, 0);
    will_return(__wrap_sqlite3_column_int, 0);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5462): Package 'test-wazuh' not vulnerable to 'CVE-000-000' since it is not affected (feed 'NVD').");

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5462): Package 'test-wazuh' not vulnerable to 'CVE-000-000' since it is not affected (feed 'NVD').");

    int ret = wm_vuldet_linux_rm_oval_not_affected_packages(db, cve, pkg, vuln_discarded);
    assert_int_equal(ret, 0);
    assert_int_equal(*vuln_discarded, 2);

    os_free(pkg[0].vuln_cond);
    os_free(pkg[1].vuln_cond);
    os_free(pkg);
    os_free(vuln_discarded);
}

void test_wm_vuldet_linux_rm_oval_not_affected_packages_same_source_and_bin()
{
    sqlite3 *db = (sqlite3 *)1;
    cve_vuln_pkg *pkg = NULL;
    int *vuln_discarded = NULL;
    const char *cve = NULL;

    os_calloc(2, sizeof(cve_vuln_pkg), pkg);
    os_calloc(1, sizeof(int), vuln_discarded);
    os_calloc(1, sizeof(cve_vuln_cond), pkg[0].vuln_cond);
    os_calloc(1, sizeof(cve_vuln_cond), pkg[1].vuln_cond);

    pkg[0].vuln_cond->state = "Unfixed";
    pkg[0].feed = VU_SRC_OVAL;
    pkg[0].bin_name = "test-wazuh";
    pkg[0].src_name = "test-wazuh-src2";
    pkg[0].next = &pkg[1];

    pkg[1].vuln_cond->state = "fixed";
    pkg[1].feed = VU_SRC_OVAL;
    pkg[1].bin_name = "test-wazuh-src2"; // this pkg has as name the source of pkg0

    cve = "CVE-000-000";

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, cve);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_int, iCol, 0);
    will_return(__wrap_sqlite3_column_int, 1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, cve);
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, pkg[0].bin_name);
    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    expect_string(__wrap_sqlite3_bind_text, buffer, pkg[0].src_name);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_int, iCol, 0);
    will_return(__wrap_sqlite3_column_int, 0);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5462): Package 'test-wazuh' not vulnerable to 'CVE-000-000' since it is not affected (feed 'NVD').");

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5462): Package 'test-wazuh-src2' not vulnerable to 'CVE-000-000' since it is not affected (feed 'NVD').");

    int ret = wm_vuldet_linux_rm_oval_not_affected_packages(db, cve, pkg, vuln_discarded);
    assert_int_equal(ret, 0);
    assert_int_equal(*vuln_discarded, 2);

    os_free(pkg[0].vuln_cond);
    os_free(pkg[1].vuln_cond);
    os_free(pkg);
    os_free(vuln_discarded);
}

void test_wm_vuldet_linux_rm_oval_not_affected_packages_same_bin_and_source()
{
    sqlite3 *db = (sqlite3 *)1;
    cve_vuln_pkg *pkg = NULL;
    int *vuln_discarded = NULL;
    const char *cve = NULL;

    os_calloc(2, sizeof(cve_vuln_pkg), pkg);
    os_calloc(1, sizeof(int), vuln_discarded);
    os_calloc(1, sizeof(cve_vuln_cond), pkg[0].vuln_cond);
    os_calloc(1, sizeof(cve_vuln_cond), pkg[1].vuln_cond);

    pkg[0].vuln_cond->state = "Unfixed";
    pkg[0].feed = VU_SRC_OVAL;
    pkg[0].bin_name = "test-wazuh-src3";
    pkg[0].src_name = "test-wazuh-src";
    pkg[0].next = &pkg[1];

    pkg[1].vuln_cond->state = "fixed";
    pkg[1].feed = VU_SRC_OVAL;
    pkg[1].bin_name = "test-wazuh3";
    pkg[1].src_name = "test-wazuh-src3";
    cve = "CVE-000-000";

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, cve);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_int, iCol, 0);
    will_return(__wrap_sqlite3_column_int, 1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, cve);
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, pkg[0].bin_name);
    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    expect_string(__wrap_sqlite3_bind_text, buffer, pkg[0].src_name);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_int, iCol, 0);
    will_return(__wrap_sqlite3_column_int, 0);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5462): Package 'test-wazuh-src3' not vulnerable to 'CVE-000-000' since it is not affected (feed 'NVD').");

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5462): Package 'test-wazuh3' not vulnerable to 'CVE-000-000' since it is not affected (feed 'NVD').");

    int ret = wm_vuldet_linux_rm_oval_not_affected_packages(db, cve, pkg, vuln_discarded);
    assert_int_equal(ret, 0);
    assert_int_equal(*vuln_discarded, 2);

    os_free(pkg[0].vuln_cond);
    os_free(pkg[1].vuln_cond);
    os_free(pkg);
    os_free(vuln_discarded);
}

void test_wm_vuldet_linux_rm_oval_not_affected_packages_no_source()
{
    sqlite3 *db = (sqlite3 *)1;
    cve_vuln_pkg *pkg = NULL;
    int *vuln_discarded = NULL;
    const char *cve = NULL;

    os_calloc(1, sizeof(cve_vuln_pkg), pkg);
    os_calloc(1, sizeof(int), vuln_discarded);
    os_calloc(1, sizeof(cve_vuln_cond), pkg->vuln_cond);

    pkg->vuln_cond->state = "Unfixed";
    pkg->feed = VU_SRC_OVAL;
    pkg->bin_name = "test-wazuh";
    cve = "CVE-000-000";

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, cve);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_int, iCol, 0);
    will_return(__wrap_sqlite3_column_int, 1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, cve);
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, pkg->bin_name);
    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    expect_string(__wrap_sqlite3_bind_text, buffer, pkg->bin_name);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_int, iCol, 0);
    will_return(__wrap_sqlite3_column_int, 0);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5462): Package 'test-wazuh' not vulnerable to 'CVE-000-000' since it is not affected (feed 'NVD').");

    int ret = wm_vuldet_linux_rm_oval_not_affected_packages(db, cve, pkg, vuln_discarded);
    assert_int_equal(ret, 0);
    assert_int_equal(*vuln_discarded, 1);

    os_free(pkg->vuln_cond);
    os_free(pkg);
    os_free(vuln_discarded);
}

/* wm_vuldet_linux_rm_false_positivies */

void test_wm_vuldet_linux_rm_false_positivies_without_nodes(void ** state)
{
    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;
    OSHash *cve_table = (OSHash *)1;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5461): Filtering vulnerabilities obtained for agent '000'");

    will_return(__wrap_time, (time_t)1);

    expect_value(__wrap_OSHash_Begin, self, cve_table);
    will_return(__wrap_OSHash_Begin, NULL);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5465): A total of '0' potential vulnerabilities have been discarded for agent '000'");
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    will_return(__wrap_time, (time_t)1);
    expect_string(__wrap__mtdebug1, formatted_msg, "(5470): It took '0' seconds to 'filter' vulnerabilities in agent '000'");

    int ret = wm_vuldet_linux_rm_false_positivies(db, agent, cve_table);

    assert_int_equal(OS_SUCCESS, ret);
}

void test_wm_vuldet_linux_rm_false_positivies_error_removing_nvd_not_affected(void ** state)
{
    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;
    OSHash *cve_table = (OSHash *)1;

    OSHashNode* node = NULL;
    os_calloc(1, sizeof(OSHashNode), node);
    if (!node || (OS_INVALID == build_test_hash_node(node, VU_SRC_NVD)))
        return;

    // Initial logs
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5461): Filtering vulnerabilities obtained for agent '000'");

    will_return(__wrap_time, (time_t)1);

    expect_value(__wrap_OSHash_Begin, self, cve_table);
    will_return(__wrap_OSHash_Begin, node);

    // SQLite prepare will fail when removing nvd not affected
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);
    will_return(__wrap_sqlite3_errmsg, "error");

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5573): Couldn't verify if the vulnerability 'CVE-2016-6489' of the package 'libhogweed4' is already patched.");

    will_return(__wrap_sqlite3_close_v2, 0);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");

    int ret = wm_vuldet_linux_rm_false_positivies(db, agent, cve_table);

    assert_int_equal(OS_INVALID, ret);

    wm_vuldet_free_cve_node(node->data);
    os_free(node->key);
    os_free(node);
}

void test_wm_vuldet_linux_rm_false_positivies_error_removing_oval_not_affected(void ** state)
{
    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;
    OSHash *cve_table = (OSHash *)1;

    OSHashNode* node = NULL;
    os_calloc(1, sizeof(OSHashNode), node);
    if (!node || (OS_INVALID == build_test_hash_node(node, VU_SRC_OVAL)))
        return;

    // Setting valuest to force a failure
    cve_vuln_pkg* data_next = ((cve_vuln_pkg*)node->data)->next;
    os_free(data_next->vuln_cond->state);
    os_strdup("Unfixed", data_next->vuln_cond->state);
    os_free(data_next->bin_name);
    os_strdup("test-wazuh", data_next->bin_name);
    os_free(data_next->src_name);
    os_strdup("test-wazuh-src", data_next->src_name);

    // Initial logs
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5461): Filtering vulnerabilities obtained for agent '000'");

    will_return(__wrap_time, (time_t)1);

    expect_value(__wrap_OSHash_Begin, self, cve_table);
    will_return(__wrap_OSHash_Begin, node);

    // SQLite prepare will fail when removing oval not affected
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);
    will_return(__wrap_sqlite3_errmsg, "error");

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5584): Couldn't verify if the vulnerability 'CVE-2016-6489' is reported in the NVD feed.");

    will_return(__wrap_sqlite3_close_v2, 0);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");

    int ret = wm_vuldet_linux_rm_false_positivies(db, agent, cve_table);

    assert_int_equal(OS_INVALID, ret);

    wm_vuldet_free_cve_node(node->data);
    os_free(node->key);
    os_free(node);
}

void test_wm_vuldet_linux_rm_false_positivies_ok(void ** state)
{
    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;
    OSHash *cve_table = (OSHash *)1;

    OSHashNode* node = NULL;
    os_calloc(1, sizeof(OSHashNode), node);
    if (!node || (OS_INVALID == build_test_hash_node(node, VU_SRC_OVAL)))
        return;

    // Setting valuest to force a failure
    cve_vuln_pkg* data_next = ((cve_vuln_pkg*)node->data)->next;
    os_free(data_next->vuln_cond->state);
    os_strdup("Unfixed", data_next->vuln_cond->state);
    os_free(data_next->bin_name);
    os_strdup("test-wazuh", data_next->bin_name);
    os_free(data_next->src_name);
    os_strdup("test-wazuh-src", data_next->src_name);

    // Initial logs
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5461): Filtering vulnerabilities obtained for agent '000'");

    will_return(__wrap_time, (time_t)1);

    expect_value(__wrap_OSHash_Begin, self, cve_table);
    will_return(__wrap_OSHash_Begin, node);

    // Removing oval not affected will succeed
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, node->key);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_int, iCol, 0);
    will_return(__wrap_sqlite3_column_int, 1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, node->key);
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, data_next->bin_name);
    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    expect_string(__wrap_sqlite3_bind_text, buffer, data_next->src_name);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_int, iCol, 0);
    will_return(__wrap_sqlite3_column_int, 0);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5462): Package 'test-wazuh' not vulnerable to 'CVE-2016-6489' since it is not affected (feed 'NVD').");

    // No next node, so exiting the function
    expect_value(__wrap_OSHash_Next, self, cve_table);
    will_return(__wrap_OSHash_Next, NULL);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5465): A total of '1' potential vulnerabilities have been discarded for agent '000'");

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    will_return(__wrap_time, (time_t)1);
    expect_string(__wrap__mtdebug1, formatted_msg, "(5470): It took '0' seconds to 'filter' vulnerabilities in agent '000'");

    int ret = wm_vuldet_linux_rm_false_positivies(db, agent, cve_table);

    assert_int_equal(OS_SUCCESS, ret);

    wm_vuldet_free_cve_node(node->data);
    os_free(node->key);
    os_free(node);
}

/* wm_vuldet_generate_os_and_kernel_package */

void test_wm_vuldet_generate_os_and_kernel_package_ubuntu(void **state)
{
    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;

    agent->dist = FEED_UBUNTU;
    agent->dist_ver = FEED_BIONIC;
    agent->os_release = strdup("18.04");
    agent->kernel_release = strdup("3.10");
    agent->arch = strdup("x86_64");

    will_return_count(__wrap_sqlite3_prepare_v2, SQLITE_OK, 2);
    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);
    expect_sqlite3_step_call(SQLITE_DONE);
    expect_sqlite3_step_call(SQLITE_DONE);

    // OS package
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "000");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    expect_value(__wrap_sqlite3_bind_int, index, 4);
    expect_value(__wrap_sqlite3_bind_int, value, 0);
    expect_value(__wrap_sqlite3_bind_text, pos, 5);
    expect_string(__wrap_sqlite3_bind_text, buffer, "canonical");
    expect_value(__wrap_sqlite3_bind_text, pos, 6);
    expect_string(__wrap_sqlite3_bind_text, buffer, "ubuntu_linux");
    expect_value(__wrap_sqlite3_bind_text, pos, 7);
    expect_value(__wrap_sqlite3_bind_text, pos, 8);
    expect_string(__wrap_sqlite3_bind_text, buffer, "18.04");
    expect_value(__wrap_sqlite3_bind_text, pos, 9);
    expect_value(__wrap_sqlite3_bind_text, pos, 10);
    expect_string(__wrap_sqlite3_bind_text, buffer, "x86_64");

    // Kernel package
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "000");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    expect_value(__wrap_sqlite3_bind_int, index, 4);
    expect_value(__wrap_sqlite3_bind_int, value, 0);
    expect_value(__wrap_sqlite3_bind_text, pos, 5);
    expect_string(__wrap_sqlite3_bind_text, buffer, "linux");
    expect_value(__wrap_sqlite3_bind_text, pos, 6);
    expect_string(__wrap_sqlite3_bind_text, buffer, "linux_kernel");
    expect_value(__wrap_sqlite3_bind_text, pos, 7);
    expect_value(__wrap_sqlite3_bind_text, pos, 8);
    expect_string(__wrap_sqlite3_bind_text, buffer, "3.10");
    expect_value(__wrap_sqlite3_bind_text, pos, 9);
    expect_value(__wrap_sqlite3_bind_text, pos, 10);
    expect_string(__wrap_sqlite3_bind_text, buffer, "x86_64");

    int ret = wm_vuldet_generate_os_and_kernel_package(db, agent);

    assert_int_equal(ret, 0);
}

void test_wm_vuldet_generate_os_and_kernel_package_debian(void **state)
{
    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;

    agent->dist = FEED_DEBIAN;
    agent->dist_ver = FEED_BUSTER;
    agent->os_release = strdup("10");
    agent->kernel_release = strdup("4.11");
    agent->arch = strdup("x86_64");

    will_return_count(__wrap_sqlite3_prepare_v2, SQLITE_OK, 2);
    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);
    expect_sqlite3_step_call(SQLITE_DONE);
    expect_sqlite3_step_call(SQLITE_DONE);

    // OS package
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "000");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    expect_value(__wrap_sqlite3_bind_int, index, 4);
    expect_value(__wrap_sqlite3_bind_int, value, 0);
    expect_value(__wrap_sqlite3_bind_text, pos, 5);
    expect_string(__wrap_sqlite3_bind_text, buffer, "debian");
    expect_value(__wrap_sqlite3_bind_text, pos, 6);
    expect_string(__wrap_sqlite3_bind_text, buffer, "debian_linux");
    expect_value(__wrap_sqlite3_bind_text, pos, 7);
    expect_value(__wrap_sqlite3_bind_text, pos, 8);
    expect_string(__wrap_sqlite3_bind_text, buffer, "10");
    expect_value(__wrap_sqlite3_bind_text, pos, 9);
    expect_value(__wrap_sqlite3_bind_text, pos, 10);
    expect_string(__wrap_sqlite3_bind_text, buffer, "x86_64");

    // Kernel package
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "000");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    expect_value(__wrap_sqlite3_bind_int, index, 4);
    expect_value(__wrap_sqlite3_bind_int, value, 0);
    expect_value(__wrap_sqlite3_bind_text, pos, 5);
    expect_string(__wrap_sqlite3_bind_text, buffer, "linux");
    expect_value(__wrap_sqlite3_bind_text, pos, 6);
    expect_string(__wrap_sqlite3_bind_text, buffer, "linux_kernel");
    expect_value(__wrap_sqlite3_bind_text, pos, 7);
    expect_value(__wrap_sqlite3_bind_text, pos, 8);
    expect_string(__wrap_sqlite3_bind_text, buffer, "4.11");
    expect_value(__wrap_sqlite3_bind_text, pos, 9);
    expect_value(__wrap_sqlite3_bind_text, pos, 10);
    expect_string(__wrap_sqlite3_bind_text, buffer, "x86_64");

    int ret = wm_vuldet_generate_os_and_kernel_package(db, agent);

    assert_int_equal(ret, 0);
}

void test_wm_vuldet_generate_os_and_kernel_package_redhat(void **state)
{
    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;

    agent->dist = FEED_REDHAT;
    agent->dist_ver = FEED_RHEL7;
    agent->os_release = strdup("7.2");
    agent->kernel_release = strdup("5.1.0");
    agent->arch = strdup("x86_64");

    will_return_count(__wrap_sqlite3_prepare_v2, SQLITE_OK, 2);
    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);
    expect_sqlite3_step_call(SQLITE_DONE);
    expect_sqlite3_step_call(SQLITE_DONE);

    // OS package
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "000");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    expect_value(__wrap_sqlite3_bind_int, index, 4);
    expect_value(__wrap_sqlite3_bind_int, value, 0);
    expect_value(__wrap_sqlite3_bind_text, pos, 5);
    expect_string(__wrap_sqlite3_bind_text, buffer, "redhat");
    expect_value(__wrap_sqlite3_bind_text, pos, 6);
    expect_string(__wrap_sqlite3_bind_text, buffer, "enterprise_linux");
    expect_value(__wrap_sqlite3_bind_text, pos, 7);
    expect_value(__wrap_sqlite3_bind_text, pos, 8);
    expect_string(__wrap_sqlite3_bind_text, buffer, "7.2");
    expect_value(__wrap_sqlite3_bind_text, pos, 9);
    expect_value(__wrap_sqlite3_bind_text, pos, 10);
    expect_string(__wrap_sqlite3_bind_text, buffer, "x86_64");

    // Kernel package
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "000");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    expect_value(__wrap_sqlite3_bind_int, index, 4);
    expect_value(__wrap_sqlite3_bind_int, value, 0);
    expect_value(__wrap_sqlite3_bind_text, pos, 5);
    expect_string(__wrap_sqlite3_bind_text, buffer, "linux");
    expect_value(__wrap_sqlite3_bind_text, pos, 6);
    expect_string(__wrap_sqlite3_bind_text, buffer, "linux_kernel");
    expect_value(__wrap_sqlite3_bind_text, pos, 7);
    expect_value(__wrap_sqlite3_bind_text, pos, 8);
    expect_string(__wrap_sqlite3_bind_text, buffer, "5.1.0");
    expect_value(__wrap_sqlite3_bind_text, pos, 9);
    expect_value(__wrap_sqlite3_bind_text, pos, 10);
    expect_string(__wrap_sqlite3_bind_text, buffer, "x86_64");

    int ret = wm_vuldet_generate_os_and_kernel_package(db, agent);

    assert_int_equal(ret, 0);
}

void test_wm_vuldet_generate_os_and_kernel_package_null_db(void **state)
{
    (void) state;

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5567): The DB is not initialized.");

    int ret = wm_vuldet_generate_os_and_kernel_package(NULL, NULL);

    assert_int_equal(ret, -1);
}

void test_wm_vuldet_generate_os_and_kernel_package_null_agent(void **state)
{
    (void) state;
    sqlite3 *db = (sqlite3 *)1;

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5566): The agent structure is not initialized.");

    int ret = wm_vuldet_generate_os_and_kernel_package(db, NULL);

    assert_int_equal(ret, -1);
}

void test_wm_vuldet_generate_os_and_kernel_package_invalid_agent(void **state)
{
    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;

    expect_string(__wrap__mtwarn, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtwarn, formatted_msg, "(5444): Unable to get the OS version and release for agent '000'. It may not have the OS inventory enabled.");

    int ret = wm_vuldet_generate_os_and_kernel_package(db, agent);

    assert_int_equal(ret, 1);
}

void test_wm_vuldet_generate_os_and_kernel_package_os_package_error(void **state)
{
    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;

    agent->dist = FEED_REDHAT;
    agent->dist_ver = FEED_RHEL7;
    agent->os_release = strdup("7.2");
    agent->arch = strdup("x86_64");

    // OS package
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);

    will_return(__wrap_sqlite3_errmsg, "error");

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");

    will_return(__wrap_sqlite3_close_v2, 0);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5449): It was not possible to insert 'enterprise_linux' in the agent software table.");

    int ret = wm_vuldet_generate_os_and_kernel_package(db, agent);

    assert_int_equal(ret, -1);
}

void test_wm_vuldet_generate_os_and_kernel_package_kernel_package_error(void **state)
{
    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;

    agent->dist = FEED_REDHAT;
    agent->dist_ver = FEED_RHEL7;
    agent->kernel_release = strdup("5.1.0");
    agent->arch = strdup("x86_64");

    // Kernel package
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);

    will_return(__wrap_sqlite3_errmsg, "error");

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");

    will_return(__wrap_sqlite3_close_v2, 0);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5449): It was not possible to insert 'linux_kernel' in the agent software table.");

    int ret = wm_vuldet_generate_os_and_kernel_package(db, agent);

    assert_int_equal(ret, -1);
}

void test_wm_vuldet_generate_os_and_kernel_package_release_end(void **state)
{
    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;

    agent->dist = FEED_UBUNTU;
    agent->dist_ver = FEED_BIONIC;
    agent->os_release = strdup("18.04");
    agent->kernel_release = strdup("3.10-0.0.0");
    agent->arch = strdup("x86_64");

    will_return_count(__wrap_sqlite3_prepare_v2, SQLITE_OK, 2);
    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);
    expect_sqlite3_step_call(SQLITE_DONE);
    expect_sqlite3_step_call(SQLITE_DONE);

    // OS package
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "000");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    expect_value(__wrap_sqlite3_bind_int, index, 4);
    expect_value(__wrap_sqlite3_bind_int, value, 0);
    expect_value(__wrap_sqlite3_bind_text, pos, 5);
    expect_string(__wrap_sqlite3_bind_text, buffer, "canonical");
    expect_value(__wrap_sqlite3_bind_text, pos, 6);
    expect_string(__wrap_sqlite3_bind_text, buffer, "ubuntu_linux");
    expect_value(__wrap_sqlite3_bind_text, pos, 7);
    expect_value(__wrap_sqlite3_bind_text, pos, 8);
    expect_string(__wrap_sqlite3_bind_text, buffer, "18.04");
    expect_value(__wrap_sqlite3_bind_text, pos, 9);
    expect_value(__wrap_sqlite3_bind_text, pos, 10);
    expect_string(__wrap_sqlite3_bind_text, buffer, "x86_64");

    // Kernel package
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "000");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    expect_value(__wrap_sqlite3_bind_int, index, 4);
    expect_value(__wrap_sqlite3_bind_int, value, 0);
    expect_value(__wrap_sqlite3_bind_text, pos, 5);
    expect_string(__wrap_sqlite3_bind_text, buffer, "linux");
    expect_value(__wrap_sqlite3_bind_text, pos, 6);
    expect_string(__wrap_sqlite3_bind_text, buffer, "linux_kernel");
    expect_value(__wrap_sqlite3_bind_text, pos, 7);
    expect_value(__wrap_sqlite3_bind_text, pos, 8);
    expect_string(__wrap_sqlite3_bind_text, buffer, "3.10");
    expect_value(__wrap_sqlite3_bind_text, pos, 9);
    expect_value(__wrap_sqlite3_bind_text, pos, 10);
    expect_string(__wrap_sqlite3_bind_text, buffer, "x86_64");

    int ret = wm_vuldet_generate_os_and_kernel_package(db, agent);

    assert_int_equal(ret, 0);
}

/* wm_vuldet_compare_vendors */

void test_wm_vuldet_compare_vendors_external_vendor(void **state)
{
    int ret;
    char * vendor = "External";

    ret = wm_vuldet_compare_vendors(vendor);
    assert_int_equal(ret, 1);
}

void test_wm_vuldet_compare_vendors_official_vendor(void **state)
{
    int ret;
    int i;
    char * official_vendors[] = {
        "Red Hat, Inc.",
        "CentOS"
    };
    int array_size = array_size(official_vendors);

    for (i = 0; i < array_size; i++) {
        ret = wm_vuldet_compare_vendors(official_vendors[i]);
        assert_int_equal(ret, 0);
    }
}

/* wm_checks_package_vulnerability */

void test_wm_checks_package_vulnerability_no_version_b(void **state)
{
    char *version_a = "1:5.3.2-3.9.7";
    char *version_b = NULL;
    char *operation = "less than";

    int ret = wm_checks_package_vulnerability(version_a, operation, version_b, VER_TYPE_DEB);

    assert_int_equal(VU_NOT_FIXED, ret);
}

void test_wm_checks_package_vulnerability_big_version_a(void **state)
{
    char *version_a = NULL;
    char *version_b = "2:6.1.1-2.6.8";
    char *operation = "less than";

    // Creating a very big dummy string for version a
    os_calloc(KEY_SIZE + 10, sizeof(char), version_a);
    if (!version_a)
        return;

    for (int i = 0; i < (KEY_SIZE + 9); ++i) version_a[i] = 'a';

    int ret = wm_checks_package_vulnerability(version_a, operation, version_b, VER_TYPE_DEB);

    assert_int_equal(OS_INVALID, ret);

    os_free(version_a);
}

void test_wm_checks_package_vulnerability_big_version_b(void **state)
{
    char *version_a = "1:5.3.2-3.9.7";
    char *version_b = NULL;
    char *operation = "less than";

    // Creating a very big dummy string for version a
    os_calloc(KEY_SIZE + 10, sizeof(char), version_b);
    if (!version_b)
        return;

    for (int i = 0; i < (KEY_SIZE + 9); ++i) version_b[i] = 'b';

    int ret = wm_checks_package_vulnerability(version_a, operation, version_b, VER_TYPE_DEB);

    assert_int_equal(OS_INVALID, ret);

    os_free(version_b);
}

void test_wm_checks_package_vulnerability_lt_with_epoch(void **state)
{
    char *version_a = "1:5.3.2-3.9.7";
    char *version_b = "2:6.1.1-2.6.8";
    char *operation = "less than";

    expect_value(__wrap_pkg_version_relate, rel, PKG_RELATION_LT);
    will_return(__wrap_pkg_version_relate, true);

    int ret = wm_checks_package_vulnerability(version_a, operation, version_b, VER_TYPE_DEB);

    assert_int_equal(VU_VULNERABLE, ret);
}

void test_wm_checks_package_vulnerability_lt_no_epoch(void **state)
{
    char *version_a = "5.3.2-3.9.7";
    char *version_b = "6.1.1-2.6.8";
    char *operation = "less than";

    expect_value(__wrap_pkg_version_relate, rel, PKG_RELATION_LT);
    will_return(__wrap_pkg_version_relate, true);

    int ret = wm_checks_package_vulnerability(version_a, operation, version_b, VER_TYPE_DEB);

    assert_int_equal(VU_VULNERABLE, ret);
}

void test_wm_checks_package_vulnerability_lt_no_revision(void **state)
{
    char *version_a = "1:5.3.2";
    char *version_b = "2:6.1.1";
    char *operation = "less than";

    expect_value(__wrap_pkg_version_relate, rel, PKG_RELATION_LT);
    will_return(__wrap_pkg_version_relate, true);

    int ret = wm_checks_package_vulnerability(version_a, operation, version_b, VER_TYPE_DEB);

    assert_int_equal(VU_VULNERABLE, ret);
}

void test_wm_checks_package_vulnerability_lt_no_revision_and_score(void **state)
{
    char *version_a = "1:5.3.2-";
    char *version_b = "2:6.1.1-";
    char *operation = "less than";

    expect_value(__wrap_pkg_version_relate, rel, PKG_RELATION_LT);
    will_return(__wrap_pkg_version_relate, true);

    int ret = wm_checks_package_vulnerability(version_a, operation, version_b, VER_TYPE_DEB);

    assert_int_equal(VU_VULNERABLE, ret);
}

void test_wm_checks_package_vulnerability_le(void **state)
{
    char *version_a = "1:5.3.2-3.9.7";
    char *version_b = "2:6.1.1-2.6.8";
    char *operation = "less than or equal";

    expect_value(__wrap_pkg_version_relate, rel, PKG_RELATION_LE);
    will_return(__wrap_pkg_version_relate, true);

    int ret = wm_checks_package_vulnerability(version_a, operation, version_b, VER_TYPE_DEB);

    assert_int_equal(VU_VULNERABLE, ret);
}

void test_wm_checks_package_vulnerability_eq(void **state)
{
    char *version_a = "1:5.3.2-3.9.7";
    char *version_b = "2:6.1.1-2.6.8";
    char *operation = "equal";

    expect_value(__wrap_pkg_version_relate, rel, PKG_RELATION_EQ);
    will_return(__wrap_pkg_version_relate, false);

    int ret = wm_checks_package_vulnerability(version_a, operation, version_b, VER_TYPE_DEB);

    assert_int_equal(VU_NOT_VULNERABLE, ret);
}

void test_wm_checks_package_vulnerability_ge(void **state)
{
    char *version_a = "1:5.3.2-3.9.7";
    char *version_b = "2:6.1.1-2.6.8";
    char *operation = "greater than or equal";

    expect_value(__wrap_pkg_version_relate, rel, PKG_RELATION_GE);
    will_return(__wrap_pkg_version_relate, false);

    int ret = wm_checks_package_vulnerability(version_a, operation, version_b, VER_TYPE_DEB);

    assert_int_equal(VU_NOT_VULNERABLE, ret);
}

void test_wm_checks_package_vulnerability_gt(void **state)
{
    char *version_a = "1:5.3.2-3.9.7";
    char *version_b = "2:6.1.1-2.6.8";
    char *operation = "greater than";

    expect_value(__wrap_pkg_version_relate, rel, PKG_RELATION_GT);
    will_return(__wrap_pkg_version_relate, false);

    int ret = wm_checks_package_vulnerability(version_a, operation, version_b, VER_TYPE_DEB);

    assert_int_equal(VU_NOT_VULNERABLE, ret);
}

void test_wm_checks_package_vulnerability_ne(void **state)
{
    char *version_a = "1:5.3.2-3.9.7";
    char *version_b = "2:6.1.1-2.6.8";
    char *operation = "not equal";

    int ret = wm_checks_package_vulnerability(version_a, operation, version_b, VER_TYPE_DEB);

    assert_int_equal(VU_ERROR_CMP, ret);
}

void test_wm_checks_package_vulnerability_centos_gt(void **state)
{
    char *version_a = "1:5.3.2-3.el7_2";
    char *version_b = "1:5.3.2-3.el7";
    char *operation = "greater than";

    expect_value(__wrap_pkg_version_relate, rel, PKG_RELATION_GT);
    will_return(__wrap_pkg_version_relate, false);

    int ret = wm_checks_package_vulnerability(version_a, operation, version_b, VER_TYPE_RPM_CENTOS);

    assert_int_equal(VU_NOT_VULNERABLE, ret);
}

/* wm_vuldel_truncate_revision */

void test_wm_vuldel_truncate_revision_null(void ** state) {

    char * revision = NULL;
    wm_vuldel_truncate_revision(revision);
    assert_null(revision);
}

void test_wm_vuldel_truncate_revision(void ** state) {
    char * revisions[7][2] = {
        {"3.el", "3.el"},
        {"3.el7", "3.el7"},
        {"3.el7_2", "3.el7"},
        {"3.el6_2.132", "3.el6"},
        {"3-el6_2.132", "3-el6_2.132"},
        {"3.el9_2.132", "3.el9_2.132"},
        {"3~1234", "3~1234"}
    };

    for (int i = 0; i < 7; i++) {
        char revision[12];
        snprintf(revision, 12, "%s", revisions[i][0]);
        char * rev_ptr = revision;
        wm_vuldel_truncate_revision(rev_ptr);
        assert_string_equal(rev_ptr, revisions[i][1]);
    }
}

/* wm_vuldet_linux_oval_vulnerabilities */

void test_wm_vuldet_linux_oval_vulnerabilities_error_prepare_nvd_configured_year(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = (OSHash *)1;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5456): Analyzing OVAL vulnerabilities for agent '000'");

    will_return(__wrap_time, (time_t)1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5585): Couldn't get the NVD configured year.");

    will_return(__wrap_sqlite3_errmsg, "error");

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");

    will_return(__wrap_sqlite3_close_v2, SQLITE_OK);

    int ret = wm_vuldet_linux_oval_vulnerabilities(db, agent, cve_table);

    assert_int_equal(OS_INVALID, ret);
}

void test_wm_vuldet_linux_oval_vulnerabilities_error_no_nvd_year(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = (OSHash *)1;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5456): Analyzing OVAL vulnerabilities for agent '000'");

    will_return(__wrap_time, (time_t)1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_sqlite3_step_call(SQLITE_DONE);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5585): Couldn't get the NVD configured year.");

    int ret = wm_vuldet_linux_oval_vulnerabilities(db, agent, cve_table);

    assert_int_equal(OS_INVALID, ret);
}

void test_wm_vuldet_linux_oval_vulnerabilities_error_prepare(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = (OSHash *)1;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5456): Analyzing OVAL vulnerabilities for agent '000'");

    will_return(__wrap_time, (time_t)1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "2020");

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5569): Couldn't get the packages of the agent '000'");

    will_return(__wrap_sqlite3_errmsg, "error");

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");

    will_return(__wrap_sqlite3_close_v2, SQLITE_OK);

    int ret = wm_vuldet_linux_oval_vulnerabilities(db, agent, cve_table);

    assert_int_equal(OS_INVALID, ret);
}

void test_wm_vuldet_linux_oval_vulnerabilities_error_prepare_rh(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = (OSHash *)1;

    agent->dist = FEED_REDHAT;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5456): Analyzing OVAL vulnerabilities for agent '000'");

    will_return(__wrap_time, (time_t)1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "2020");

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5569): Couldn't get the packages of the agent '000'");

    will_return(__wrap_sqlite3_errmsg, "error");

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");

    will_return(__wrap_sqlite3_close_v2, SQLITE_OK);

    int ret = wm_vuldet_linux_oval_vulnerabilities(db, agent, cve_table);

    assert_int_equal(OS_INVALID, ret);
}

void test_wm_vuldet_linux_oval_vulnerabilities_error_prepare_deb(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = (OSHash *)1;

    agent->dist = FEED_DEBIAN;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5456): Analyzing OVAL vulnerabilities for agent '000'");

    will_return(__wrap_time, (time_t)1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "2020");

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5569): Couldn't get the packages of the agent '000'");

    will_return(__wrap_sqlite3_errmsg, "error");

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");

    will_return(__wrap_sqlite3_close_v2, SQLITE_OK);

    int ret = wm_vuldet_linux_oval_vulnerabilities(db, agent, cve_table);

    assert_int_equal(OS_INVALID, ret);
}

void test_wm_vuldet_linux_oval_vulnerabilities_error_step(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = (OSHash *)1;

    agent->dist = FEED_DEBIAN;
    agent->dist_ver = FEED_BUSTER;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5456): Analyzing OVAL vulnerabilities for agent '000'");

    will_return(__wrap_time, (time_t)1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "2020");

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);
    // building query
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "BUSTER");
    expect_value(__wrap_sqlite3_bind_int, index, 2);
    expect_value(__wrap_sqlite3_bind_int, value, 0);

    expect_sqlite3_step_call(SQLITE_ERROR);

    will_return(__wrap_sqlite3_errmsg, "error");

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");

    will_return(__wrap_sqlite3_close_v2, SQLITE_OK);

    int ret = wm_vuldet_linux_oval_vulnerabilities(db, agent, cve_table);

    assert_int_equal(OS_INVALID, ret);
}

void test_wm_vuldet_linux_oval_vulnerabilities_step_done(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = (OSHash *)1;

    agent->dist = FEED_DEBIAN;
    agent->dist_ver = FEED_BUSTER;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5456): Analyzing OVAL vulnerabilities for agent '000'");

    will_return(__wrap_time, (time_t)1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "2020");

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);
    // building query
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "BUSTER");
    expect_value(__wrap_sqlite3_bind_int, index, 2);
    expect_value(__wrap_sqlite3_bind_int, value, 0);

    expect_sqlite3_step_call(SQLITE_DONE);

    expect_string(__wrap__mtwarn, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtwarn, formatted_msg, "(5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.");

    int ret = wm_vuldet_linux_oval_vulnerabilities(db, agent, cve_table);

    assert_int_equal(0, ret);
}

void test_wm_vuldet_linux_oval_vulnerabilities_one_row_no_data(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = (OSHash *)1;

    agent->dist = FEED_DEBIAN;
    agent->dist_ver = FEED_BUSTER;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5456): Analyzing OVAL vulnerabilities for agent '000'");

    will_return(__wrap_time, (time_t)1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "2020");

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);
    // building query
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "BUSTER");
    expect_value(__wrap_sqlite3_bind_int, index, 2);
    expect_value(__wrap_sqlite3_bind_int, value, 0);

    expect_sqlite3_step_call(SQLITE_ROW);

    // By assigning null to some values, the row should be skipped
    // and the code should ask for a new row
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "source");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "less than");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "5.4.3");
    expect_value(__wrap_sqlite3_column_text, iCol, 7);
    will_return(__wrap_sqlite3_column_text, "10");
    expect_value(__wrap_sqlite3_column_text, iCol, 8);
    will_return(__wrap_sqlite3_column_text, NULL);

    expect_sqlite3_step_call(SQLITE_DONE);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5457): The OVAL found a total of '0' potential vulnerabilities for agent '000'");
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    will_return(__wrap_time, (time_t)1);
    expect_string(__wrap__mtdebug1, formatted_msg, "(5470): It took '0' seconds to 'find OVAL' vulnerabilities in agent '000'");

    int ret = wm_vuldet_linux_oval_vulnerabilities(db, agent, cve_table);

    assert_int_equal(OS_SUCCESS, ret);
}

void test_wm_vuldet_linux_oval_vulnerabilities_one_row_bad_version(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = (OSHash *)1;

    agent->dist = FEED_DEBIAN;
    agent->dist_ver = FEED_BUSTER;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5456): Analyzing OVAL vulnerabilities for agent '000'");

    will_return(__wrap_time, (time_t)1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "2020");

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);
    // building query
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "BUSTER");
    expect_value(__wrap_sqlite3_bind_int, index, 2);
    expect_value(__wrap_sqlite3_bind_int, value, 0);

    expect_sqlite3_step_call(SQLITE_ROW);

    // Creating a very big dummy string for version a
    char *version_b = NULL;
    os_calloc(KEY_SIZE + 10, sizeof(char), version_b);
    if (!version_b)
        return;

    for (int i = 0; i < (KEY_SIZE + 9); ++i) version_b[i] = 'b';

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "CVE-2020-1234");
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "package");
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "source");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, "5.1.2");
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "x64");
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "less than");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, version_b);
    expect_value(__wrap_sqlite3_column_text, iCol, 7);
    will_return(__wrap_sqlite3_column_text, "10");
    expect_value(__wrap_sqlite3_column_text, iCol, 8);
    will_return(__wrap_sqlite3_column_text, NULL);

    int ret = wm_vuldet_linux_oval_vulnerabilities(db, agent, cve_table);

    assert_int_equal(OS_INVALID, ret);

    os_free(version_b);
}

void test_wm_vuldet_linux_oval_vulnerabilities_one_row_not_fixed(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = (OSHash *)1;

    agent->dist = FEED_DEBIAN;
    agent->dist_ver = FEED_BUSTER;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5456): Analyzing OVAL vulnerabilities for agent '000'");

    will_return(__wrap_time, (time_t)1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "2020");

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);
    // building query
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "BUSTER");
    expect_value(__wrap_sqlite3_bind_int, index, 2);
    expect_value(__wrap_sqlite3_bind_int, value, 0);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "CVE-2020-1234");
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "package");
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "source");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, "5.1.2");
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "x64");
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_value(__wrap_sqlite3_column_text, iCol, 7);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_value(__wrap_sqlite3_column_text, iCol, 8);
    will_return(__wrap_sqlite3_column_text, NULL);

    // Adding cve node
    cve_vuln_pkg *Pkg = NULL;
    os_calloc(1, sizeof(cve_vuln_pkg), Pkg);
    if (!Pkg)
        return;

    os_strdup("src_name1", Pkg->src_name);

    expect_string(__wrap_OSHash_Add, key, "CVE-2020-1234");
    will_return(__wrap_OSHash_Add, 1);

    expect_value(__wrap_OSHash_Get, self, cve_table);
    expect_string(__wrap_OSHash_Get, key, "CVE-2020-1234");
    will_return(__wrap_OSHash_Get, Pkg);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5458): Package 'package' inserted into the vulnerability 'CVE-2020-1234'. Version (5.1.2) 'Unfixed' '' (feed 'OVAL').");

    expect_sqlite3_step_call(SQLITE_DONE);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5457): The OVAL found a total of '1' potential vulnerabilities for agent '000'");
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    will_return(__wrap_time, (time_t)1);
    expect_string(__wrap__mtdebug1, formatted_msg, "(5470): It took '0' seconds to 'find OVAL' vulnerabilities in agent '000'");

    int ret = wm_vuldet_linux_oval_vulnerabilities(db, agent, cve_table);

    assert_int_equal(OS_SUCCESS, ret);

    wm_vuldet_free_cve_node(Pkg);
}

void test_wm_vuldet_linux_oval_vulnerabilities_one_row_not_vulnerable(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = (OSHash *)1;

    agent->dist = FEED_DEBIAN;
    agent->dist_ver = FEED_BUSTER;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5456): Analyzing OVAL vulnerabilities for agent '000'");

    will_return(__wrap_time, (time_t)1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "2020");

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);
    // building query
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "BUSTER");
    expect_value(__wrap_sqlite3_bind_int, index, 2);
    expect_value(__wrap_sqlite3_bind_int, value, 0);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "CVE-2020-1234");
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "package");
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "source");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, "5.1.2");
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "x64");
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "less than");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "5.1.1");
    expect_value(__wrap_sqlite3_column_text, iCol, 7);
    will_return(__wrap_sqlite3_column_text, "10");
    expect_value(__wrap_sqlite3_column_text, iCol, 8);
    will_return(__wrap_sqlite3_column_text, NULL);

    // Adding cve node
    cve_vuln_pkg *Pkg = NULL;
    os_calloc(1, sizeof(cve_vuln_pkg), Pkg);
    if (!Pkg)
        return;

    os_strdup("src_name1", Pkg->src_name);

    expect_value(__wrap_pkg_version_relate, rel, PKG_RELATION_LT);
    will_return(__wrap_pkg_version_relate, 0);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5460): Package 'package' not vulnerable to 'CVE-2020-1234'. Version (10) not 'less than' '5.1.1' (feed 'OVAL').");

    expect_sqlite3_step_call(SQLITE_DONE);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5457): The OVAL found a total of '0' potential vulnerabilities for agent '000'");
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    will_return(__wrap_time, (time_t)1);
    expect_string(__wrap__mtdebug1, formatted_msg, "(5470): It took '0' seconds to 'find OVAL' vulnerabilities in agent '000'");

    int ret = wm_vuldet_linux_oval_vulnerabilities(db, agent, cve_table);

    assert_int_equal(OS_SUCCESS, ret);

    wm_vuldet_free_cve_node(Pkg);
}

void test_wm_vuldet_linux_oval_vulnerabilities_one_row_centos_not_vulnerable(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = (OSHash *)1;

    agent->dist = FEED_REDHAT;
    agent->dist_ver = FEED_RHEL8;
    agent->flags.centos = 1;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5456): Analyzing OVAL vulnerabilities for agent '000'");

    will_return(__wrap_time, (time_t)1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "2020");

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);
    // building query
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "RHEL8");
    expect_value(__wrap_sqlite3_bind_int, index, 2);
    expect_value(__wrap_sqlite3_bind_int, value, 0);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "CVE-2020-1234");
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "package");
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "source");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, "5.1.2-3.el8_1");
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "x64");
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "less than");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "5.1.2-3.el8_8.2");
    expect_value(__wrap_sqlite3_column_text, iCol, 7);
    will_return(__wrap_sqlite3_column_text, "5.1.2-3.el8_1");
    expect_value(__wrap_sqlite3_column_text, iCol, 8);
    will_return(__wrap_sqlite3_column_text, "CentOS");

    // Adding cve node
    cve_vuln_pkg *Pkg = NULL;
    os_calloc(1, sizeof(cve_vuln_pkg), Pkg);
    if (!Pkg)
        return;

    os_strdup("src_name1", Pkg->src_name);

    expect_value(__wrap_pkg_version_relate, rel, PKG_RELATION_LT);
    will_return(__wrap_pkg_version_relate, 0);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5460): Package 'package' not vulnerable to 'CVE-2020-1234'. Version (5.1.2-3.el8_1) not 'less than' '5.1.2-3.el8_8.2' (feed 'OVAL').");

    expect_sqlite3_step_call(SQLITE_DONE);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5457): The OVAL found a total of '0' potential vulnerabilities for agent '000'");
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    will_return(__wrap_time, (time_t)1);
    expect_string(__wrap__mtdebug1, formatted_msg, "(5470): It took '0' seconds to 'find OVAL' vulnerabilities in agent '000'");

    int ret = wm_vuldet_linux_oval_vulnerabilities(db, agent, cve_table);

    assert_int_equal(OS_SUCCESS, ret);

    wm_vuldet_free_cve_node(Pkg);
}

void test_wm_vuldet_linux_oval_vulnerabilities_one_row_error_comparing(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = (OSHash *)1;

    agent->dist = FEED_DEBIAN;
    agent->dist_ver = FEED_BUSTER;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5456): Analyzing OVAL vulnerabilities for agent '000'");

    will_return(__wrap_time, (time_t)1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "2020");

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);
    // building query
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "BUSTER");
    expect_value(__wrap_sqlite3_bind_int, index, 2);
    expect_value(__wrap_sqlite3_bind_int, value, 0);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "CVE-2020-1234");
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "package");
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "source");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, "5.1.2");
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "x64");
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "unexisting relation");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "5.1.1");
    expect_value(__wrap_sqlite3_column_text, iCol, 7);
    will_return(__wrap_sqlite3_column_text, "10");
    expect_value(__wrap_sqlite3_column_text, iCol, 8);
    will_return(__wrap_sqlite3_column_text, NULL);

    // Adding cve node
    cve_vuln_pkg *Pkg2 = NULL;
    os_calloc(1, sizeof(cve_vuln_pkg), Pkg2);
    if (!Pkg2)
        return;

    os_strdup("src_name2", Pkg2->src_name);
    os_strdup("package2", Pkg2->bin_name);
    os_strdup("5.1.2", Pkg2->version);
    os_strdup("x64", Pkg2->arch);

    expect_string(__wrap_OSHash_Add, key, "CVE-2020-1234");
    will_return(__wrap_OSHash_Add, 1);

    expect_value(__wrap_OSHash_Get, self, cve_table);
    expect_string(__wrap_OSHash_Get, key, "CVE-2020-1234");
    will_return(__wrap_OSHash_Get, Pkg2);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5458): Package 'package' inserted into the vulnerability 'CVE-2020-1234'. Version (10) 'unexisting relation' '5.1.1' (feed 'OVAL').");

    expect_sqlite3_step_call(SQLITE_DONE);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5457): The OVAL found a total of '1' potential vulnerabilities for agent '000'");
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    will_return(__wrap_time, (time_t)1);
    expect_string(__wrap__mtdebug1, formatted_msg, "(5470): It took '0' seconds to 'find OVAL' vulnerabilities in agent '000'");

    int ret = wm_vuldet_linux_oval_vulnerabilities(db, agent, cve_table);

    assert_int_equal(OS_SUCCESS, ret);

    wm_vuldet_free_cve_node(Pkg2);
}

void test_wm_vuldet_linux_oval_vulnerabilities_vulnerable(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = (OSHash *)1;

    agent->dist = FEED_DEBIAN;
    agent->dist_ver = FEED_BUSTER;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5456): Analyzing OVAL vulnerabilities for agent '000'");

    will_return(__wrap_time, (time_t)1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "2020");

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);
    // building query
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "BUSTER");
    expect_value(__wrap_sqlite3_bind_int, index, 2);
    expect_value(__wrap_sqlite3_bind_int, value, 0);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "CVE-2020-1234");
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "package");
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "source");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, "5.1.2");
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "x64");
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "less than");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "5.1.3");
    expect_value(__wrap_sqlite3_column_text, iCol, 7);
    will_return(__wrap_sqlite3_column_text, "5.1.0");
    expect_value(__wrap_sqlite3_column_text, iCol, 8);
    will_return(__wrap_sqlite3_column_text, NULL);

    // Adding cve node
    cve_vuln_pkg *Pkg2 = NULL;
    os_calloc(1, sizeof(cve_vuln_pkg), Pkg2);
    if (!Pkg2)
        return;

    os_strdup("src_name2", Pkg2->src_name);
    os_strdup("package2", Pkg2->bin_name);
    os_strdup("5.1.2", Pkg2->version);
    os_strdup("x64", Pkg2->arch);

    expect_value(__wrap_pkg_version_relate, rel, PKG_RELATION_LT);
    will_return(__wrap_pkg_version_relate, true);

    expect_string(__wrap_OSHash_Add, key, "CVE-2020-1234");
    will_return(__wrap_OSHash_Add, 1);

    expect_value(__wrap_OSHash_Get, self, cve_table);
    expect_string(__wrap_OSHash_Get, key, "CVE-2020-1234");
    will_return(__wrap_OSHash_Get, Pkg2);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5458): Package 'package' inserted into the vulnerability 'CVE-2020-1234'. Version (5.1.0) 'less than' '5.1.3' (feed 'OVAL').");

    expect_sqlite3_step_call(SQLITE_DONE);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5457): The OVAL found a total of '1' potential vulnerabilities for agent '000'");
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    will_return(__wrap_time, (time_t)1);
    expect_string(__wrap__mtdebug1, formatted_msg, "(5470): It took '0' seconds to 'find OVAL' vulnerabilities in agent '000'");

    int ret = wm_vuldet_linux_oval_vulnerabilities(db, agent, cve_table);

    assert_int_equal(OS_SUCCESS, ret);

    wm_vuldet_free_cve_node(Pkg2);
}

void test_wm_vuldet_linux_oval_vulnerabilities_insert_package_error(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = (OSHash *)1;

    agent->dist = FEED_DEBIAN;
    agent->dist_ver = FEED_BUSTER;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5456): Analyzing OVAL vulnerabilities for agent '000'");

    will_return(__wrap_time, (time_t)1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "2020");

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);
    // building query
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "BUSTER");
    expect_value(__wrap_sqlite3_bind_int, index, 2);
    expect_value(__wrap_sqlite3_bind_int, value, 0);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "CVE-2020-1234");
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "package");
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "source");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, "5.1.2");
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "x64");
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "unexisting relation");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "5.1.1");
    expect_value(__wrap_sqlite3_column_text, iCol, 7);
    will_return(__wrap_sqlite3_column_text, "10");
    expect_value(__wrap_sqlite3_column_text, iCol, 8);
    will_return(__wrap_sqlite3_column_text, NULL);

    // Adding cve node
    cve_vuln_pkg *Pkg2 = NULL;
    os_calloc(1, sizeof(cve_vuln_pkg), Pkg2);
    if (!Pkg2)
        return;

    os_strdup("src_name2", Pkg2->src_name);
    os_strdup("package2", Pkg2->bin_name);
    os_strdup("5.1.2", Pkg2->version);
    os_strdup("x64", Pkg2->arch);

    expect_string(__wrap_OSHash_Add, key, "CVE-2020-1234");
    will_return(__wrap_OSHash_Add, 0);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5572): Couldn't insert the package 'package' into the vulnerability 'CVE-2020-1234'. Version (10) 'unexisting relation' '5.1.1' (feed 'OVAL').");

    expect_sqlite3_step_call(SQLITE_DONE);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5457): The OVAL found a total of '0' potential vulnerabilities for agent '000'");
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    will_return(__wrap_time, (time_t)1);
    expect_string(__wrap__mtdebug1, formatted_msg, "(5470): It took '0' seconds to 'find OVAL' vulnerabilities in agent '000'");

    int ret = wm_vuldet_linux_oval_vulnerabilities(db, agent, cve_table);

    assert_int_equal(OS_SUCCESS, ret);

    wm_vuldet_free_cve_node(Pkg2);
}

void test_wm_vuldet_linux_oval_vulnerabilities_duplicated_package(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = (OSHash *)1;

    agent->dist = FEED_DEBIAN;
    agent->dist_ver = FEED_BUSTER;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5456): Analyzing OVAL vulnerabilities for agent '000'");

    will_return(__wrap_time, (time_t)1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "2020");

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);
    // building query
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "BUSTER");
    expect_value(__wrap_sqlite3_bind_int, index, 2);
    expect_value(__wrap_sqlite3_bind_int, value, 0);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "CVE-2020-1234");
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "package");
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "source");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, "5.1.2");
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "x64");
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "unexisting relation");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "5.1.1");
    expect_value(__wrap_sqlite3_column_text, iCol, 7);
    will_return(__wrap_sqlite3_column_text, "10");
    expect_value(__wrap_sqlite3_column_text, iCol, 8);
    will_return(__wrap_sqlite3_column_text, NULL);

    // Adding cve node
    cve_vuln_pkg *vuln_pkg = NULL;
    os_calloc(1, sizeof(cve_vuln_pkg), vuln_pkg);
    if (!vuln_pkg)
        return;

    os_strdup("package", vuln_pkg->bin_name);
    w_strdup("source", vuln_pkg->src_name);
    os_strdup("10", vuln_pkg->version);
    os_strdup("x64", vuln_pkg->arch);

    os_calloc(1, sizeof(cve_vuln_cond), vuln_pkg->vuln_cond);

    os_strdup("", vuln_pkg->vuln_cond->state);
    w_strdup("unexisting relation", vuln_pkg->vuln_cond->operation);
    w_strdup("5.1.1", vuln_pkg->vuln_cond->operation_value);
    os_strdup("Could not compare package versions (unexisting relation 5.1.1).", vuln_pkg->vuln_cond->condition); //*condition = '\0';

    expect_string(__wrap_OSHash_Add, key, "CVE-2020-1234");
    will_return(__wrap_OSHash_Add, 1);

    expect_value(__wrap_OSHash_Get, self, cve_table);
    expect_string(__wrap_OSHash_Get, key, "CVE-2020-1234");
    will_return(__wrap_OSHash_Get, vuln_pkg);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5459): Trying to insert duplicated package 'package' into the vulnerability 'CVE-2020-1234'. Version (10) 'unexisting relation' '5.1.1' (feed 'OVAL').");

    expect_sqlite3_step_call(SQLITE_DONE);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5457): The OVAL found a total of '1' potential vulnerabilities for agent '000'");
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    will_return(__wrap_time, (time_t)1);
    expect_string(__wrap__mtdebug1, formatted_msg, "(5470): It took '0' seconds to 'find OVAL' vulnerabilities in agent '000'");

    int ret = wm_vuldet_linux_oval_vulnerabilities(db, agent, cve_table);

    assert_int_equal(OS_SUCCESS, ret);

    wm_vuldet_free_cve_node(vuln_pkg);
}

void test_wm_vuldet_linux_oval_vulnerabilities_external_vendor(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = (OSHash *)1;

    agent->dist = FEED_REDHAT;
    agent->dist_ver = FEED_RHEL7;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5456): Analyzing OVAL vulnerabilities for agent '000'");

    will_return(__wrap_time, (time_t)1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "2020");

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);
    // building query
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "RHEL7");
    expect_value(__wrap_sqlite3_bind_int, index, 2);
    expect_value(__wrap_sqlite3_bind_int, value, 0);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "CVE-2020-1234");
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "package");
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "source");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, "5.1.2");
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "x64");
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "unexisting relation");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "5.1.1");
    expect_value(__wrap_sqlite3_column_text, iCol, 7);
    will_return(__wrap_sqlite3_column_text, "10");
    expect_value(__wrap_sqlite3_column_text, iCol, 8);
    will_return(__wrap_sqlite3_column_text, "third-party");

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5486): Discarded package 'package' from a third-party source ('third-party') for agent '000'");

    expect_sqlite3_step_call(SQLITE_DONE);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5457): The OVAL found a total of '0' potential vulnerabilities for agent '000'");
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    will_return(__wrap_time, (time_t)1);
    expect_string(__wrap__mtdebug1, formatted_msg, "(5470): It took '0' seconds to 'find OVAL' vulnerabilities in agent '000'");

    int ret = wm_vuldet_linux_oval_vulnerabilities(db, agent, cve_table);

    assert_int_equal(OS_SUCCESS, ret);
}

/* wm_vuldet_build_nvd_report_condition */

void test_wm_vuldet_build_nvd_report_condition_both_including(void **state)
{
    cve_vuln_cond_NVD *nvd_cond = NULL;
    os_calloc(1, sizeof(cve_vuln_cond_NVD), nvd_cond);
    if (!nvd_cond)
        return;

    vu_report * report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if (!report)
        return;

    os_strdup("10.5.0", nvd_cond->start_version);
    nvd_cond->start_operation = START_INCLUDED;
    os_strdup("10.7.1", nvd_cond->end_version);
    nvd_cond->end_operation = END_INCLUDED;

    wm_vuldet_build_nvd_report_condition(nvd_cond, report);

    assert_string_equal("Package greater or equal than 10.5.0 and less or equal than 10.7.1", report->condition);

    os_free(nvd_cond->start_version);
    os_free(nvd_cond->end_version);
    os_free(nvd_cond);
    wm_vuldet_free_report(report);
}

void test_wm_vuldet_build_nvd_report_condition_both_excluding(void **state) {
    cve_vuln_cond_NVD *nvd_cond = NULL;
    os_calloc(1, sizeof(cve_vuln_cond_NVD), nvd_cond);
    if (!nvd_cond)
        return;

    vu_report * report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if (!report)
        return;

    os_strdup("10.5.0", nvd_cond->start_version);
    nvd_cond->start_operation = START_EXCLUDED;
    os_strdup("10.7.1", nvd_cond->end_version);
    nvd_cond->end_operation = END_EXCLUDED;

    wm_vuldet_build_nvd_report_condition(nvd_cond, report);

    assert_string_equal("Package greater than 10.5.0 and less than 10.7.1", report->condition);

    os_free(nvd_cond->start_version);
    os_free(nvd_cond->end_version);
    os_free(nvd_cond);
    wm_vuldet_free_report(report);
}

void test_wm_vuldet_build_nvd_report_condition_start_including(void **state) {
    cve_vuln_cond_NVD *nvd_cond = NULL;
    os_calloc(1, sizeof(cve_vuln_cond_NVD), nvd_cond);
    if (!nvd_cond)
        return;

    vu_report * report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if (!report)
        return;

    os_strdup("10.5.0", nvd_cond->start_version);
    nvd_cond->start_operation = START_INCLUDED;

    wm_vuldet_build_nvd_report_condition(nvd_cond, report);

    assert_string_equal("Package greater or equal than 10.5.0", report->condition);

    os_free(nvd_cond->start_version);
    os_free(nvd_cond->end_version);
    os_free(nvd_cond);
    wm_vuldet_free_report(report);
}

void test_wm_vuldet_build_nvd_report_condition_start_excluding(void **state) {
    cve_vuln_cond_NVD *nvd_cond = NULL;
    os_calloc(1, sizeof(cve_vuln_cond_NVD), nvd_cond);
    if (!nvd_cond)
        return;

    vu_report * report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if (!report)
        return;

    os_strdup("10.5.0", nvd_cond->start_version);
    nvd_cond->start_operation = START_EXCLUDED;

    wm_vuldet_build_nvd_report_condition(nvd_cond, report);

    assert_string_equal("Package greater than 10.5.0", report->condition);

    os_free(nvd_cond->start_version);
    os_free(nvd_cond->end_version);
    os_free(nvd_cond);
    wm_vuldet_free_report(report);
}

void test_wm_vuldet_build_nvd_report_condition_end_including(void **state) {
    cve_vuln_cond_NVD *nvd_cond = NULL;
    os_calloc(1, sizeof(cve_vuln_cond_NVD), nvd_cond);
    if (!nvd_cond)
        return;

    vu_report * report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if (!report)
        return;

    os_strdup("10.7.1", nvd_cond->end_version);
    nvd_cond->end_operation = END_INCLUDED;

    wm_vuldet_build_nvd_report_condition(nvd_cond, report);

    assert_string_equal("Package less or equal than 10.7.1", report->condition);

    os_free(nvd_cond->start_version);
    os_free(nvd_cond->end_version);
    os_free(nvd_cond);
    wm_vuldet_free_report(report);
}

void test_wm_vuldet_build_nvd_report_condition_end_excluding(void **state) {
    cve_vuln_cond_NVD *nvd_cond = NULL;
    os_calloc(1, sizeof(cve_vuln_cond_NVD), nvd_cond);
    if (!nvd_cond)
        return;

    vu_report * report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if (!report)
        return;

    os_strdup("10.7.1", nvd_cond->end_version);
    nvd_cond->end_operation = END_EXCLUDED;

    wm_vuldet_build_nvd_report_condition(nvd_cond, report);

    assert_string_equal("Package less than 10.7.1", report->condition);

    os_free(nvd_cond->start_version);
    os_free(nvd_cond->end_version);
    os_free(nvd_cond);
    wm_vuldet_free_report(report);
}

/* wm_vuldet_fill_report_nvd_cve_info */

void test_wm_vuldet_fill_report_nvd_cve_info_error_prepare(void **state) {
    sqlite3 *db = (sqlite3 *)1;
    sqlite3_stmt *stmt = NULL;

    vu_report* report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if (!report)
        return;

    int cve_table_id = 1; // Just a dummy ID

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);

    int ret = wm_vuldet_fill_report_nvd_cve_info(db, stmt, report, &cve_table_id);

    assert_int_equal(SQLITE_ERROR, ret);

    wm_vuldet_free_report(report);
}

void test_wm_vuldet_fill_report_nvd_cve_info_error_step(void **state) {
    sqlite3 *db = (sqlite3 *)1;
    sqlite3_stmt *stmt = NULL;

    vu_report* report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if (!report)
        return;

    os_strdup("CVE-2016-6489", report->cve);
    int cve_table_id = 1; // Just a dummy ID

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    will_return(__wrap_sqlite3_bind_text, SQLITE_OK);
    expect_sqlite3_step_call(SQLITE_ERROR);

    int ret = wm_vuldet_fill_report_nvd_cve_info(db, stmt, report, &cve_table_id);

    assert_int_equal(SQLITE_ERROR, ret);

    wm_vuldet_free_report(report);
}

void test_wm_vuldet_fill_report_nvd_cve_info_ok(void **state) {
    sqlite3 *db = (sqlite3 *)1;
    sqlite3_stmt *stmt = NULL;

    vu_report* report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if (!report)
        return;

    os_strdup("CVE-2016-6489", report->cve);
    int cve_table_id = 1; // Just a dummy ID

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    will_return(__wrap_sqlite3_bind_text, SQLITE_OK);
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "1");
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "CWE-502");
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "cve@mitre.org");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, "The CVE description or rationale.");
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "4.0");
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "2017-04-14");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "2017-07-01");

    int ret = wm_vuldet_fill_report_nvd_cve_info(db, stmt, report, &cve_table_id);

    assert_int_equal(SQLITE_OK, ret);

    wm_vuldet_free_report(report);
}

void test_wm_vuldet_fill_report_nvd_references_error_prepare(void **state) {
    sqlite3 *db = (sqlite3 *)1;
    sqlite3_stmt *stmt = NULL;

    vu_report* report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if (!report)
        return;

    int cve_table_id = 1; // Just a dummy ID

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);

    int ret = wm_vuldet_fill_report_nvd_references(db, stmt, cve_table_id, report);

    assert_int_equal(SQLITE_ERROR, ret);

    wm_vuldet_free_report(report);
}

void test_wm_vuldet_fill_report_nvd_references_error_step(void **state) {
    sqlite3 *db = (sqlite3 *)1;
    sqlite3_stmt *stmt = NULL;

    vu_report* report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if (!report)
        return;

    int cve_table_id = 1; // Just a dummy ID

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_int, index, 1);
    expect_value(__wrap_sqlite3_bind_int, value, cve_table_id);
    will_return(__wrap_sqlite3_bind_int, SQLITE_OK);
    expect_sqlite3_step_call(SQLITE_ERROR);

    int ret = wm_vuldet_fill_report_nvd_references(db, stmt, cve_table_id, report);

    assert_int_equal(SQLITE_ERROR, ret);

    wm_vuldet_free_report(report);
}

void test_wm_vuldet_fill_report_nvd_references_ok(void **state) {
    sqlite3 *db = (sqlite3 *)1;
    sqlite3_stmt *stmt = NULL;

    vu_report* report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if (!report)
        return;

    int cve_table_id = 1; // Just a dummy ID

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_int, index, 1);
    expect_value(__wrap_sqlite3_bind_int, value, cve_table_id);
    will_return(__wrap_sqlite3_bind_int, SQLITE_OK);
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "http://rhn.redhat.com/errata/RHSA-2016-2582.html");
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "REDHAT");
    expect_sqlite3_step_call(SQLITE_DONE);

    int ret = wm_vuldet_fill_report_nvd_references(db, stmt, cve_table_id, report);

    assert_int_equal(SQLITE_OK, ret);

    wm_vuldet_free_report(report);
}

void test_wm_vuldet_fill_report_nvd_scoring_error_prepare(void **state) {
    sqlite3 *db = (sqlite3 *)1;
    sqlite3_stmt *stmt = NULL;

    vu_report* report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if (!report)
        return;

    int cve_table_id = 1; // Just a dummy ID

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);

    int ret = wm_vuldet_fill_report_nvd_scoring(db, stmt, cve_table_id, report);

    assert_int_equal(SQLITE_ERROR, ret);

    wm_vuldet_free_report(report);
}

void test_wm_vuldet_fill_report_nvd_scoring_error_step(void **state) {
    sqlite3 *db = (sqlite3 *)1;
    sqlite3_stmt *stmt = NULL;

    vu_report* report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if (!report)
        return;

    int cve_table_id = 1; // Just a dummy ID

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_int, index, 1);
    expect_value(__wrap_sqlite3_bind_int, value, cve_table_id);
    will_return(__wrap_sqlite3_bind_int, SQLITE_OK);
    expect_sqlite3_step_call(SQLITE_ERROR);

    int ret = wm_vuldet_fill_report_nvd_scoring(db, stmt, cve_table_id, report);

    assert_int_equal(SQLITE_ERROR, ret);

    wm_vuldet_free_report(report);
}

void test_wm_vuldet_fill_report_nvd_scoring_cvss3_sev_crucial(void **state) {
    sqlite3 *db = (sqlite3 *)1;
    sqlite3_stmt *stmt = NULL;

    vu_report* report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if (!report)
        return;

    int cve_table_id = 1; // Just a dummy ID

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_int, index, 1);
    expect_value(__wrap_sqlite3_bind_int, value, cve_table_id);
    will_return(__wrap_sqlite3_bind_int, SQLITE_OK);
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "AV:N/AC:M/Au:N/C:N/I:N/A:C");
    expect_value(__wrap_sqlite3_column_double, iCol, 1);
    will_return(__wrap_sqlite3_column_double, 9.1);
    expect_value(__wrap_sqlite3_column_double, iCol, 2);
    will_return(__wrap_sqlite3_column_double, 8.6);
    expect_value(__wrap_sqlite3_column_double, iCol, 3);
    will_return(__wrap_sqlite3_column_double, 6.9);
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "3.0");
    expect_sqlite3_step_call(SQLITE_DONE);

    int ret = wm_vuldet_fill_report_nvd_scoring(db, stmt, cve_table_id, report);

    assert_int_equal(SQLITE_OK, ret);

    wm_vuldet_free_report(report);
}

void test_wm_vuldet_fill_report_nvd_scoring_cvss3_sev_high(void **state) {
    sqlite3 *db = (sqlite3 *)1;
    sqlite3_stmt *stmt = NULL;

    vu_report* report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if (!report)
        return;

    int cve_table_id = 1; // Just a dummy ID

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_int, index, 1);
    expect_value(__wrap_sqlite3_bind_int, value, cve_table_id);
    will_return(__wrap_sqlite3_bind_int, SQLITE_OK);
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "AV:N/AC:M/Au:N/C:N/I:N/A:C");
    expect_value(__wrap_sqlite3_column_double, iCol, 1);
    will_return(__wrap_sqlite3_column_double, 7.1);
    expect_value(__wrap_sqlite3_column_double, iCol, 2);
    will_return(__wrap_sqlite3_column_double, 8.6);
    expect_value(__wrap_sqlite3_column_double, iCol, 3);
    will_return(__wrap_sqlite3_column_double, 6.9);
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "3.0");
    expect_sqlite3_step_call(SQLITE_DONE);

    int ret = wm_vuldet_fill_report_nvd_scoring(db, stmt, cve_table_id, report);

    assert_int_equal(SQLITE_OK, ret);

    wm_vuldet_free_report(report);
}

void test_wm_vuldet_fill_report_nvd_scoring_cvss3_sev_medium(void **state) {
    sqlite3 *db = (sqlite3 *)1;
    sqlite3_stmt *stmt = NULL;

    vu_report* report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if (!report)
        return;

    int cve_table_id = 1; // Just a dummy ID

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_int, index, 1);
    expect_value(__wrap_sqlite3_bind_int, value, cve_table_id);
    will_return(__wrap_sqlite3_bind_int, SQLITE_OK);
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "AV:N/AC:M/Au:N/C:N/I:N/A:C");
    expect_value(__wrap_sqlite3_column_double, iCol, 1);
    will_return(__wrap_sqlite3_column_double, 4.1);
    expect_value(__wrap_sqlite3_column_double, iCol, 2);
    will_return(__wrap_sqlite3_column_double, 8.6);
    expect_value(__wrap_sqlite3_column_double, iCol, 3);
    will_return(__wrap_sqlite3_column_double, 6.9);
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "3.0");
    expect_sqlite3_step_call(SQLITE_DONE);

    int ret = wm_vuldet_fill_report_nvd_scoring(db, stmt, cve_table_id, report);

    assert_int_equal(SQLITE_OK, ret);

    wm_vuldet_free_report(report);
}

void test_wm_vuldet_fill_report_nvd_scoring_cvss3_sev_low(void **state) {
    sqlite3 *db = (sqlite3 *)1;
    sqlite3_stmt *stmt = NULL;

    vu_report* report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if (!report)
        return;

    int cve_table_id = 1; // Just a dummy ID

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_int, index, 1);
    expect_value(__wrap_sqlite3_bind_int, value, cve_table_id);
    will_return(__wrap_sqlite3_bind_int, SQLITE_OK);
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "AV:N/AC:M/Au:N/C:N/I:N/A:C");
    expect_value(__wrap_sqlite3_column_double, iCol, 1);
    will_return(__wrap_sqlite3_column_double, 1.1);
    expect_value(__wrap_sqlite3_column_double, iCol, 2);
    will_return(__wrap_sqlite3_column_double, 8.6);
    expect_value(__wrap_sqlite3_column_double, iCol, 3);
    will_return(__wrap_sqlite3_column_double, 6.9);
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "3.0");
    expect_sqlite3_step_call(SQLITE_DONE);

    int ret = wm_vuldet_fill_report_nvd_scoring(db, stmt, cve_table_id, report);

    assert_int_equal(SQLITE_OK, ret);

    wm_vuldet_free_report(report);
}

void test_wm_vuldet_fill_report_nvd_scoring_cvss3_sev_none(void **state) {
    sqlite3 *db = (sqlite3 *)1;
    sqlite3_stmt *stmt = NULL;

    vu_report* report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if (!report)
        return;

    int cve_table_id = 1; // Just a dummy ID

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_int, index, 1);
    expect_value(__wrap_sqlite3_bind_int, value, cve_table_id);
    will_return(__wrap_sqlite3_bind_int, SQLITE_OK);
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "AV:N/AC:M/Au:N/C:N/I:N/A:C");
    expect_value(__wrap_sqlite3_column_double, iCol, 1);
    will_return(__wrap_sqlite3_column_double, 0.1);
    expect_value(__wrap_sqlite3_column_double, iCol, 2);
    will_return(__wrap_sqlite3_column_double, 8.6);
    expect_value(__wrap_sqlite3_column_double, iCol, 3);
    will_return(__wrap_sqlite3_column_double, 6.9);
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "3.0");
    expect_sqlite3_step_call(SQLITE_DONE);

    int ret = wm_vuldet_fill_report_nvd_scoring(db, stmt, cve_table_id, report);

    assert_int_equal(SQLITE_OK, ret);

    wm_vuldet_free_report(report);
}

void test_wm_vuldet_fill_report_nvd_scoring_cvss2_sev_high(void **state) {
    sqlite3 *db = (sqlite3 *)1;
    sqlite3_stmt *stmt = NULL;

    vu_report* report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if (!report)
        return;

    int cve_table_id = 1; // Just a dummy ID

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_int, index, 1);
    expect_value(__wrap_sqlite3_bind_int, value, cve_table_id);
    will_return(__wrap_sqlite3_bind_int, SQLITE_OK);
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "AV:N/AC:M/Au:N/C:N/I:N/A:C");
    expect_value(__wrap_sqlite3_column_double, iCol, 1);
    will_return(__wrap_sqlite3_column_double, 7.1);
    expect_value(__wrap_sqlite3_column_double, iCol, 2);
    will_return(__wrap_sqlite3_column_double, 8.6);
    expect_value(__wrap_sqlite3_column_double, iCol, 3);
    will_return(__wrap_sqlite3_column_double, 6.9);
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "2.0");
    expect_sqlite3_step_call(SQLITE_DONE);

    int ret = wm_vuldet_fill_report_nvd_scoring(db, stmt, cve_table_id, report);

    assert_int_equal(SQLITE_OK, ret);

    wm_vuldet_free_report(report);
}

void test_wm_vuldet_fill_report_nvd_scoring_cvss2_sev_medium(void **state) {
    sqlite3 *db = (sqlite3 *)1;
    sqlite3_stmt *stmt = NULL;

    vu_report* report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if (!report)
        return;

    int cve_table_id = 1; // Just a dummy ID

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_int, index, 1);
    expect_value(__wrap_sqlite3_bind_int, value, cve_table_id);
    will_return(__wrap_sqlite3_bind_int, SQLITE_OK);
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "AV:N/AC:M/Au:N/C:N/I:N/A:C");
    expect_value(__wrap_sqlite3_column_double, iCol, 1);
    will_return(__wrap_sqlite3_column_double, 4.1);
    expect_value(__wrap_sqlite3_column_double, iCol, 2);
    will_return(__wrap_sqlite3_column_double, 8.6);
    expect_value(__wrap_sqlite3_column_double, iCol, 3);
    will_return(__wrap_sqlite3_column_double, 6.9);
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "2.0");
    expect_sqlite3_step_call(SQLITE_DONE);

    int ret = wm_vuldet_fill_report_nvd_scoring(db, stmt, cve_table_id, report);

    assert_int_equal(SQLITE_OK, ret);

    wm_vuldet_free_report(report);
}

void test_wm_vuldet_fill_report_nvd_scoring_cvss2_sev_low(void **state) {
    sqlite3 *db = (sqlite3 *)1;
    sqlite3_stmt *stmt = NULL;

    vu_report* report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if (!report)
        return;

    int cve_table_id = 1; // Just a dummy ID

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_int, index, 1);
    expect_value(__wrap_sqlite3_bind_int, value, cve_table_id);
    will_return(__wrap_sqlite3_bind_int, SQLITE_OK);
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "AV:N/AC:M/Au:N/C:N/I:N/A:C");
    expect_value(__wrap_sqlite3_column_double, iCol, 1);
    will_return(__wrap_sqlite3_column_double, 1.1);
    expect_value(__wrap_sqlite3_column_double, iCol, 2);
    will_return(__wrap_sqlite3_column_double, 8.6);
    expect_value(__wrap_sqlite3_column_double, iCol, 3);
    will_return(__wrap_sqlite3_column_double, 6.9);
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "2.0");
    expect_sqlite3_step_call(SQLITE_DONE);

    int ret = wm_vuldet_fill_report_nvd_scoring(db, stmt, cve_table_id, report);

    assert_int_equal(SQLITE_OK, ret);

    wm_vuldet_free_report(report);
}

void test_wm_vuldet_fill_report_nvd_scoring_sev_unknown(void **state) {
    sqlite3 *db = (sqlite3 *)1;
    sqlite3_stmt *stmt = NULL;

    vu_report* report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if (!report)
        return;

    int cve_table_id = 1; // Just a dummy ID

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_int, index, 1);
    expect_value(__wrap_sqlite3_bind_int, value, cve_table_id);
    will_return(__wrap_sqlite3_bind_int, SQLITE_OK);
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "");
    expect_value(__wrap_sqlite3_column_double, iCol, 1);
    will_return(__wrap_sqlite3_column_double, 0);
    expect_value(__wrap_sqlite3_column_double, iCol, 2);
    will_return(__wrap_sqlite3_column_double, 0);
    expect_value(__wrap_sqlite3_column_double, iCol, 3);
    will_return(__wrap_sqlite3_column_double, 0);
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_sqlite3_step_call(SQLITE_DONE);

    int ret = wm_vuldet_fill_report_nvd_scoring(db, stmt, cve_table_id, report);

    assert_int_equal(SQLITE_OK, ret);

    wm_vuldet_free_report(report);
}

void test_wm_vuldet_fill_report_nvd_scoring_with_cvss(void **state) {
    sqlite3 *db = (sqlite3 *)1;
    sqlite3_stmt *stmt = NULL;

    vu_report* report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if (!report)
        return;

    int cve_table_id = 1; // Just a dummy ID

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_int, index, 1);
    expect_value(__wrap_sqlite3_bind_int, value, cve_table_id);
    will_return(__wrap_sqlite3_bind_int, SQLITE_OK);
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "");
    expect_value(__wrap_sqlite3_column_double, iCol, 1);
    will_return(__wrap_sqlite3_column_double, 0);
    expect_value(__wrap_sqlite3_column_double, iCol, 2);
    will_return(__wrap_sqlite3_column_double, 0);
    expect_value(__wrap_sqlite3_column_double, iCol, 3);
    will_return(__wrap_sqlite3_column_double, 0);
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "1.0");
    expect_sqlite3_step_call(SQLITE_DONE);

    int ret = wm_vuldet_fill_report_nvd_scoring(db, stmt, cve_table_id, report);

    assert_int_equal(SQLITE_OK, ret);

    wm_vuldet_free_report(report);
}

/* wm_vuldet_fill_report_oval_data */

void test_wm_vuldet_fill_report_oval_data_prepare_error(void **state)
{
    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;
    sqlite3_stmt *stmt = NULL;

    agent->dist = FEED_REDHAT;

    OSHashNode* node = NULL;
    os_calloc(1, sizeof(OSHashNode), node);
    if (!node || (OS_INVALID == build_test_hash_node(node, VU_SRC_NVD)))
        return;

    vu_report *report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if(!report)
        return;

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);

    int ret = wm_vuldet_fill_report_oval_data(db, stmt, agent, ((cve_vuln_pkg*)node->data)->next, report);

    assert_int_equal(ret, SQLITE_ERROR);

    wm_vuldet_free_cve_node(node->data);
    os_free(node->key);
    os_free(node);
    wm_vuldet_free_report(report);
}

void test_wm_vuldet_fill_report_oval_data_references_error(void **state)
{
    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;
    sqlite3_stmt *stmt = NULL;

    agent->dist = FEED_UBUNTU;
    agent->dist_ver = FEED_FOCAL;

    OSHashNode* node = NULL;
    os_calloc(1, sizeof(OSHashNode), node);
    if (!node || (OS_INVALID == build_test_hash_node(node, VU_SRC_NVD)))
        return;

    vu_report *report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if(!report)
        return;

    os_strdup("CVE-2016-6489", report->cve);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    // vulnerability info query
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, vu_severities[VU_HIGH]);
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "2017-04-14");
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "2017-07-01");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, "The CVE description or rationale.");
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "6.9");
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "3.6");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "AV:N/AC:M/Au:N/C:N/I:N/A:C");
    expect_value(__wrap_sqlite3_column_text, iCol, 7);
    will_return(__wrap_sqlite3_column_text, "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H");
    expect_value(__wrap_sqlite3_column_text, iCol, 8);
    will_return(__wrap_sqlite3_column_text, "CWE-502");
    //Query for references error
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);

    int ret = wm_vuldet_fill_report_oval_data(db, stmt, agent, ((cve_vuln_pkg*)node->data)->next, report);

    assert_int_equal(ret, SQLITE_ERROR);

    wm_vuldet_free_cve_node(node->data);
    os_free(node->key);
    os_free(node);
    wm_vuldet_free_report(report);
}

void test_wm_vuldet_fill_report_oval_data_bugzilla_references_error(void **state)
{
    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;
    sqlite3_stmt *stmt = NULL;

    agent->dist = FEED_UBUNTU;
    agent->dist_ver = FEED_FOCAL;

    OSHashNode* node = NULL;
    os_calloc(1, sizeof(OSHashNode), node);
    if (!node || (OS_INVALID == build_test_hash_node(node, VU_SRC_NVD)))
        return;

    vu_report *report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if(!report)
        return;

    os_strdup("CVE-2016-6489", report->cve);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    // vulnerability info query
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, vu_severities[VU_HIGH]);
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "2017-04-14");
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "2017-07-01");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, "The CVE description or rationale.");
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "6.9");
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "3.6");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "AV:N/AC:M/Au:N/C:N/I:N/A:C");
    expect_value(__wrap_sqlite3_column_text, iCol, 7);
    will_return(__wrap_sqlite3_column_text, "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H");
    expect_value(__wrap_sqlite3_column_text, iCol, 8);
    will_return(__wrap_sqlite3_column_text, "CWE-502");
    //Query for references
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "http://rhn.redhat.com/errata/RHSA-2016-2582.html");
    expect_sqlite3_step_call(SQLITE_DONE);
    //Query for bugzilla references error
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);

    int ret = wm_vuldet_fill_report_oval_data(db, stmt, agent, ((cve_vuln_pkg*)node->data)->next, report);

    assert_int_equal(ret, SQLITE_ERROR);

    wm_vuldet_free_cve_node(node->data);
    os_free(node->key);
    os_free(node);
    wm_vuldet_free_report(report);
}

void test_wm_vuldet_fill_report_oval_data_advisories_error(void **state)
{
    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;
    sqlite3_stmt *stmt = NULL;

    agent->dist = FEED_UBUNTU;
    agent->dist_ver = FEED_FOCAL;

    OSHashNode* node = NULL;
    os_calloc(1, sizeof(OSHashNode), node);
    if (!node || (OS_INVALID == build_test_hash_node(node, VU_SRC_NVD)))
        return;

    vu_report *report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if(!report)
        return;

    os_strdup("CVE-2016-6489", report->cve);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    // vulnerability info query
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, vu_severities[VU_HIGH]);
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "2017-04-14");
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "2017-07-01");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, "The CVE description or rationale.");
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "6.9");
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "3.6");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "AV:N/AC:M/Au:N/C:N/I:N/A:C");
    expect_value(__wrap_sqlite3_column_text, iCol, 7);
    will_return(__wrap_sqlite3_column_text, "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H");
    expect_value(__wrap_sqlite3_column_text, iCol, 8);
    will_return(__wrap_sqlite3_column_text, "CWE-502");
    //Query for references
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "http://rhn.redhat.com/errata/RHSA-2016-2582.html");
    expect_sqlite3_step_call(SQLITE_DONE);
    //Query for bugzilla references
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "http://rhn.redhat.org/cgi-bin/bugreport.cgi?bug=925286");
    expect_sqlite3_step_call(SQLITE_DONE);
    //Query for advisories error
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);

    int ret = wm_vuldet_fill_report_oval_data(db, stmt, agent, ((cve_vuln_pkg*)node->data)->next, report);

    assert_int_equal(ret, SQLITE_ERROR);

    wm_vuldet_free_cve_node(node->data);
    os_free(node->key);
    os_free(node);
    wm_vuldet_free_report(report);
}

void test_wm_vuldet_fill_report_oval_data(void **state)
{
    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;
    sqlite3_stmt *stmt = NULL;

    agent->dist = FEED_REDHAT;
    agent->dist_ver = FEED_RHEL7;

    OSHashNode* node = NULL;
    os_calloc(1, sizeof(OSHashNode), node);
    if (!node || (OS_INVALID == build_test_hash_node(node, VU_SRC_OVAL)))
        return;

    vu_report *report = NULL;
    os_calloc(1, sizeof(vu_report), report);
    if(!report)
        return;

    os_strdup("CVE-2016-6489", report->cve);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    // vulnerability info query
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "JREDHAT");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, vu_severities[VU_HIGH]);
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "2017-04-14");
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "2017-07-01");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, "The CVE description or rationale.");
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "6.9");
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "3.6");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "AV:N/AC:M/Au:N/C:N/I:N/A:C");
    expect_value(__wrap_sqlite3_column_text, iCol, 7);
    will_return(__wrap_sqlite3_column_text, "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H");
    expect_value(__wrap_sqlite3_column_text, iCol, 8);
    will_return(__wrap_sqlite3_column_text, "CWE-502");
    //Query for references
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "JREDHAT");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "http://rhn.redhat.com/errata/RHSA-2016-2582.html");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "http://rhn.redhat.com/errata/RHSA-2016-2582.html");
    expect_sqlite3_step_call(SQLITE_DONE);
    //Query for bugzilla references
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "JREDHAT");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "http://rhn.redhat.org/cgi-bin/bugreport.cgi?bug=925286");
    expect_sqlite3_step_call(SQLITE_DONE);
    //Query for advisories
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "JREDHAT");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "RHSA-2020:0975");
    expect_sqlite3_step_call(SQLITE_DONE);

    int ret = wm_vuldet_fill_report_oval_data(db, stmt, agent, ((cve_vuln_pkg*)node->data)->next, report);

    assert_int_equal(ret, SQLITE_OK);

    wm_vuldet_free_cve_node(node->data);
    os_free(node->key);
    os_free(node);
    wm_vuldet_free_report(report);
}

/* wm_vuldet_send_agent_report */

void test_wm_vuldet_send_agent_report_no_hash_node_rh(void **state)
{
    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;
    OSHash *cve_table = (OSHash *)1;

    agent->dist = FEED_REDHAT;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5466): Sending vulnerabilities report for agent '000'");

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5482): A total of '0' vulnerabilities have been reported for agent '000' thanks to the 'NVD' feed.");

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5482): A total of '0' vulnerabilities have been reported for agent '000' thanks to the 'vendor' feed.");

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    will_return(__wrap_time, (time_t)1);
    expect_string(__wrap__mtdebug1, formatted_msg, "(5469): A total of '0' vulnerabilities have been reported for agent '000'");

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    will_return(__wrap_time, (time_t)1);
    expect_string(__wrap__mtdebug1, formatted_msg, "(5470): It took '0' seconds to 'report' vulnerabilities in agent '000'");

    expect_value(__wrap_OSHash_Begin, self, cve_table);
    will_return(__wrap_OSHash_Begin, NULL);

    int ret = wm_vuldet_send_agent_report(db, cve_table, agent);

    assert_int_equal(ret, OS_SUCCESS);
}

void test_wm_vuldet_send_agent_report_no_hash_node_ubuntu(void **state)
{
    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;
    OSHash *cve_table = (OSHash *)1;

    agent->dist = FEED_UBUNTU;
    agent->dist_ver = FEED_FOCAL;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5466): Sending vulnerabilities report for agent '000'");

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5482): A total of '0' vulnerabilities have been reported for agent '000' thanks to the 'NVD' feed.");

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5482): A total of '0' vulnerabilities have been reported for agent '000' thanks to the 'vendor' feed.");

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    will_return(__wrap_time, (time_t)1);
    expect_string(__wrap__mtdebug1, formatted_msg, "(5469): A total of '0' vulnerabilities have been reported for agent '000'");

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    will_return(__wrap_time, (time_t)1);
    expect_string(__wrap__mtdebug1, formatted_msg, "(5470): It took '0' seconds to 'report' vulnerabilities in agent '000'");

    expect_value(__wrap_OSHash_Begin, self, cve_table);
    will_return(__wrap_OSHash_Begin, NULL);

    int ret = wm_vuldet_send_agent_report(db, cve_table, agent);

    assert_int_equal(ret, OS_SUCCESS);
}

void test_wm_vuldet_send_agent_report_fill_report_nvd_cve_info_error(void **state)
{
    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;
    OSHash *cve_table = (OSHash *)1;

    agent->dist = FEED_UBUNTU;
    agent->dist_ver = FEED_FOCAL;

    OSHashNode* node = NULL;
    os_calloc(1, sizeof(OSHashNode), node);
    if (!node || (OS_INVALID == build_test_hash_node(node, VU_SRC_NVD|VU_SRC_OVAL)))
        return;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5466): Sending vulnerabilities report for agent '000'");
    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");

    will_return(__wrap_time, (time_t)1);

    expect_string(__wrap__mterror, formatted_msg, "(5578): Could not fill the report with the CVE info from the NVD for agent '000'");

    expect_value(__wrap_OSHash_Begin, self, cve_table);
    will_return(__wrap_OSHash_Begin, node);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);
    will_return(__wrap_sqlite3_errmsg, "error");
    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");
    will_return(__wrap_sqlite3_close_v2, SQLITE_OK);

    int ret = wm_vuldet_send_agent_report(db, cve_table, agent);

    assert_int_equal(ret, OS_INVALID);

    wm_vuldet_free_cve_node(node->data);
    os_free(node->key);
    os_free(node);
}

void test_wm_vuldet_send_agent_report_fill_report_nvd_references_error(void **state)
{
    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;
    OSHash *cve_table = (OSHash *)1;

    agent->dist = FEED_UBUNTU;
    agent->dist_ver = FEED_FOCAL;

    OSHashNode* node = NULL;
    os_calloc(1, sizeof(OSHashNode), node);
    if (!node || (OS_INVALID == build_test_hash_node(node, VU_SRC_NVD|VU_SRC_OVAL)))
        return;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5466): Sending vulnerabilities report for agent '000'");
    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");

    will_return(__wrap_time, (time_t)1);

    expect_string(__wrap__mterror, formatted_msg, "(5579): Could not fill the report with the CVE references from the NVD for agent '000'");

    expect_value(__wrap_OSHash_Begin, self, cve_table);
    will_return(__wrap_OSHash_Begin, node);
    will_return_always(__wrap_sqlite3_bind_text, 0);
    // CVE info query
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "1");
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "CWE-502");
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "cve@mitre.org");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, "The CVE description or rationale.");
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "4.0");
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "2017-04-14");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "2017-07-01");
    //Query for references error
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);
    will_return(__wrap_sqlite3_errmsg, "error");
    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");
    will_return(__wrap_sqlite3_close_v2, SQLITE_OK);

    int ret = wm_vuldet_send_agent_report(db, cve_table, agent);

    assert_int_equal(ret, OS_INVALID);

    wm_vuldet_free_cve_node(node->data);
    os_free(node->key);
    os_free(node);
}

void test_wm_vuldet_send_agent_report_fill_report_nvd_scoring_error(void **state)
{
    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;
    OSHash *cve_table = (OSHash *)1;

    agent->dist = FEED_UBUNTU;
    agent->dist_ver = FEED_FOCAL;

    OSHashNode* node = NULL;
    os_calloc(1, sizeof(OSHashNode), node);
    if (!node || (OS_INVALID == build_test_hash_node(node, VU_SRC_NVD)))
        return;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5466): Sending vulnerabilities report for agent '000'");
    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");

    will_return(__wrap_time, (time_t)1);

    expect_string(__wrap__mterror, formatted_msg, "(5580): Could not fill the report with the CVE score from the NVD for agent '000'");

    expect_value(__wrap_OSHash_Begin, self, cve_table);
    will_return(__wrap_OSHash_Begin, node);
    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);
    // CVE info query
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "1");
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "CWE-502");
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "cve@mitre.org");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, "The CVE description or rationale.");
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "4.0");
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "2017-04-14");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "2017-07-01");
    //Query for references
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_int, index, 1);
    expect_value(__wrap_sqlite3_bind_int, value, 1);
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "http://rhn.redhat.com/errata/RHSA-2016-2582.html");
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "REDHAT");
    expect_sqlite3_step_call(SQLITE_DONE);
    //Query for scoring error
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);
    will_return(__wrap_sqlite3_errmsg, "error");
    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");
    will_return(__wrap_sqlite3_close_v2, SQLITE_OK);

    int ret = wm_vuldet_send_agent_report(db, cve_table, agent);

    assert_int_equal(ret, OS_INVALID);

    wm_vuldet_free_cve_node(node->data);
    os_free(node->key);
    os_free(node);
}

void test_wm_vuldet_send_agent_report_fill_report_oval_error(void **state)
{
    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;
    OSHash *cve_table = (OSHash *)1;

    agent->dist = FEED_UBUNTU;
    agent->dist_ver = FEED_FOCAL;

    OSHashNode* node = NULL;
    os_calloc(1, sizeof(OSHashNode), node);
    if (!node || (OS_INVALID == build_test_hash_node(node, VU_SRC_OVAL)))
        return;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5466): Sending vulnerabilities report for agent '000'");
    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");

    will_return(__wrap_time, (time_t)1);

    expect_string(__wrap__mterror, formatted_msg, "(5578): Could not fill the report with the CVE info from the NVD for agent '000'");

    expect_value(__wrap_OSHash_Begin, self, cve_table);
    will_return(__wrap_OSHash_Begin, node);
    //Prepare oval query error
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);
    will_return(__wrap_sqlite3_errmsg, "error");
    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");
    will_return(__wrap_sqlite3_close_v2, SQLITE_OK);

    int ret = wm_vuldet_send_agent_report(db, cve_table, agent);

    assert_int_equal(ret, OS_INVALID);

    wm_vuldet_free_cve_node(node->data);
    os_free(node->key);
    os_free(node);
}

void test_wm_vuldet_send_agent_report_send_cve_report_error(void **state)
{
    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;
    OSHash *cve_table = (OSHash *)1;

    wm_max_eps = 1000000;

    agent->dist = FEED_UBUNTU;
    agent->dist_ver = FEED_FOCAL;

    OSHashNode* node = NULL;
    os_calloc(1, sizeof(OSHashNode), node);
    if (!node || (OS_INVALID == build_test_hash_node(node, VU_SRC_OVAL)))
        return;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5466): Sending vulnerabilities report for agent '000'");

    will_return(__wrap_time, (time_t)1);

    expect_value(__wrap_OSHash_Begin, self, cve_table);
    will_return(__wrap_OSHash_Begin, node);
    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);
    // CVE info query
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "1");
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "CWE-502");
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "cve@mitre.org");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, "The CVE description or rationale.");
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "4.0");
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "2017-04-14");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "2017-07-01");
    //Query for references
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_int, index, 1);
    expect_value(__wrap_sqlite3_bind_int, value, 1);
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "http://rhn.redhat.com/errata/RHSA-2016-2582.html");
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "REDHAT");
    expect_sqlite3_step_call(SQLITE_DONE);
    //Query for scoring
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_int, index, 1);
    expect_value(__wrap_sqlite3_bind_int, value, 1  );
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "");
    expect_value(__wrap_sqlite3_column_double, iCol, 1);
    will_return(__wrap_sqlite3_column_double, 0);
    expect_value(__wrap_sqlite3_column_double, iCol, 2);
    will_return(__wrap_sqlite3_column_double, 0);
    expect_value(__wrap_sqlite3_column_double, iCol, 3);
    will_return(__wrap_sqlite3_column_double, 0);
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_sqlite3_step_call(SQLITE_DONE);

    // Query for oval data
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, vu_severities[VU_HIGH]);
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "2017-04-14");
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "2017-07-01");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, "The CVE description or rationale.");
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "6.9");
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "3.6");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "AV:N/AC:M/Au:N/C:N/I:N/A:C");
    expect_value(__wrap_sqlite3_column_text, iCol, 7);
    will_return(__wrap_sqlite3_column_text, "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H");
    expect_value(__wrap_sqlite3_column_text, iCol, 8);
    will_return(__wrap_sqlite3_column_text, "CWE-502");
    //Query for oval references
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "http://rhn.redhat.com/errata/RHSA-2016-2582.html");
    expect_sqlite3_step_call(SQLITE_DONE);
    //Query for oval bugzilla references
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "http://rhn.redhat.org/cgi-bin/bugreport.cgi?bug=925286");
    expect_sqlite3_step_call(SQLITE_DONE);
    //Query for oval advisories
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "RHSA-2020:0975");
    expect_sqlite3_step_call(SQLITE_DONE);
    // Sending CVE report
    will_return(__wrap_cJSON_CreateObject, NULL);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5559): Could not send the 'CVE-2016-6489' report for 'libhogweed4' in the agent '000'");

    expect_value(__wrap_OSHash_Next, self, cve_table);
    will_return(__wrap_OSHash_Next, NULL);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5482): A total of '0' vulnerabilities have been reported for agent '000' thanks to the 'NVD' feed.");

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5482): A total of '0' vulnerabilities have been reported for agent '000' thanks to the 'vendor' feed.");

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5469): A total of '0' vulnerabilities have been reported for agent '000'");

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    will_return(__wrap_time, (time_t)1);
    expect_string(__wrap__mtdebug1, formatted_msg, "(5470): It took '0' seconds to 'report' vulnerabilities in agent '000'");

    int ret = wm_vuldet_send_agent_report(db, cve_table, agent);

    assert_int_equal(ret, OS_SUCCESS);

    wm_vuldet_free_cve_node(node->data);
    os_free(node->key);
    os_free(node);
}

void test_wm_vuldet_send_agent_report_send_cve_report_negative_version(void **state)
{
    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;
    OSHash *cve_table = (OSHash *)1;

    wm_max_eps = 1000000;

    agent->dist = FEED_UBUNTU;
    agent->dist_ver = FEED_FOCAL;

    OSHashNode* node = NULL;
    os_calloc(1, sizeof(OSHashNode), node);
    if (!node || (OS_INVALID == build_test_hash_node(node, VU_SRC_OVAL)))
        return;

    // Setting the negative version
    os_free(((cve_vuln_pkg*)node->data)->next->version);
    os_strdup("-1:", ((cve_vuln_pkg*)node->data)->next->version);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5466): Sending vulnerabilities report for agent '000'");

    will_return(__wrap_time, (time_t)1);

    expect_value(__wrap_OSHash_Begin, self, cve_table);
    will_return(__wrap_OSHash_Begin, node);
    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);
    // CVE info query
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "1");
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "CWE-502");
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "cve@mitre.org");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, "The CVE description or rationale.");
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "4.0");
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "2017-04-14");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "2017-07-01");
    //Query for references
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_int, index, 1);
    expect_value(__wrap_sqlite3_bind_int, value, 1);
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "http://rhn.redhat.com/errata/RHSA-2016-2582.html");
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "REDHAT");
    expect_sqlite3_step_call(SQLITE_DONE);
    //Query for scoring
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_int, index, 1);
    expect_value(__wrap_sqlite3_bind_int, value, 1  );
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "");
    expect_value(__wrap_sqlite3_column_double, iCol, 1);
    will_return(__wrap_sqlite3_column_double, 0);
    expect_value(__wrap_sqlite3_column_double, iCol, 2);
    will_return(__wrap_sqlite3_column_double, 0);
    expect_value(__wrap_sqlite3_column_double, iCol, 3);
    will_return(__wrap_sqlite3_column_double, 0);
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_sqlite3_step_call(SQLITE_DONE);

    // Query for oval data
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, vu_severities[VU_HIGH]);
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "2017-04-14");
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "2017-07-01");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, "The CVE description or rationale.");
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "6.9");
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "3.6");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "AV:N/AC:M/Au:N/C:N/I:N/A:C");
    expect_value(__wrap_sqlite3_column_text, iCol, 7);
    will_return(__wrap_sqlite3_column_text, "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H");
    expect_value(__wrap_sqlite3_column_text, iCol, 8);
    will_return(__wrap_sqlite3_column_text, "CWE-502");
    //Query for oval references
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "http://rhn.redhat.com/errata/RHSA-2016-2582.html");
    expect_sqlite3_step_call(SQLITE_DONE);
    //Query for oval bugzilla references
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "http://rhn.redhat.org/cgi-bin/bugreport.cgi?bug=925286");
    expect_sqlite3_step_call(SQLITE_DONE);
    //Query for oval advisories
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "RHSA-2020:0975");
    expect_sqlite3_step_call(SQLITE_DONE);
    // Sending CVE report
    will_return(__wrap_cJSON_CreateObject, NULL);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5559): Could not send the 'CVE-2016-6489' report for 'libhogweed4' in the agent '000'");

    expect_value(__wrap_OSHash_Next, self, cve_table);
    will_return(__wrap_OSHash_Next, NULL);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5482): A total of '0' vulnerabilities have been reported for agent '000' thanks to the 'NVD' feed.");

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5482): A total of '0' vulnerabilities have been reported for agent '000' thanks to the 'vendor' feed.");

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5469): A total of '0' vulnerabilities have been reported for agent '000'");

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    will_return(__wrap_time, (time_t)1);
    expect_string(__wrap__mtdebug1, formatted_msg, "(5470): It took '0' seconds to 'report' vulnerabilities in agent '000'");

    int ret = wm_vuldet_send_agent_report(db, cve_table, agent);

    assert_int_equal(ret, OS_SUCCESS);

    wm_vuldet_free_cve_node(node->data);
    os_free(node->key);
    os_free(node);
}

void test_wm_vuldet_send_agent_report_send_cve_report_adding_data_from_OVAL_error(void **state)
{
    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;
    OSHash *cve_table = (OSHash *)1;

    wm_max_eps = 1000000;

    agent->dist = FEED_UBUNTU;
    agent->dist_ver = FEED_FOCAL;

    OSHashNode* node = NULL;
    os_calloc(1, sizeof(OSHashNode), node);
    if (!node || (OS_INVALID == build_test_hash_node(node, VU_SRC_OVAL)))
        return;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5466): Sending vulnerabilities report for agent '000'");

    will_return(__wrap_time, (time_t)1);

    expect_value(__wrap_OSHash_Begin, self, cve_table);
    will_return(__wrap_OSHash_Begin, node);
    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);
    // CVE info query
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "1");
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "CWE-502");
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "cve@mitre.org");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, "The CVE description or rationale.");
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "4.0");
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "2017-04-14");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "2017-07-01");
    //Query for references
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_int, index, 1);
    expect_value(__wrap_sqlite3_bind_int, value, 1);
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "http://rhn.redhat.com/errata/RHSA-2016-2582.html");
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "REDHAT");
    expect_sqlite3_step_call(SQLITE_DONE);
    //Query for scoring
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_int, index, 1);
    expect_value(__wrap_sqlite3_bind_int, value, 1  );
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "");
    expect_value(__wrap_sqlite3_column_double, iCol, 1);
    will_return(__wrap_sqlite3_column_double, 0);
    expect_value(__wrap_sqlite3_column_double, iCol, 2);
    will_return(__wrap_sqlite3_column_double, 0);
    expect_value(__wrap_sqlite3_column_double, iCol, 3);
    will_return(__wrap_sqlite3_column_double, 0);
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_sqlite3_step_call(SQLITE_DONE);

    // Query for oval data
    // vulnerability info query
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, vu_severities[VU_HIGH]);
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "2017-04-14");
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "2017-07-01");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, "The CVE description or rationale.");
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "6.9");
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "3.6");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "AV:N/AC:M/Au:N/C:N/I:N/A:C");
    expect_value(__wrap_sqlite3_column_text, iCol, 7);
    will_return(__wrap_sqlite3_column_text, "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H");
    expect_value(__wrap_sqlite3_column_text, iCol, 8);
    will_return(__wrap_sqlite3_column_text, "CWE-502");
    //Query for references
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "http://rhn.redhat.com/errata/RHSA-2016-2582.html");
    expect_sqlite3_step_call(SQLITE_DONE);
    //Query for bugzilla references
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "http://rhn.redhat.org/cgi-bin/bugreport.cgi?bug=925286");
    expect_sqlite3_step_call(SQLITE_DONE);
    //Query for advisories error
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5581): Could not fill the report with the CVE info from the Vendor feed for agent '000'");

    will_return(__wrap_sqlite3_errmsg, "error");
    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");
    will_return(__wrap_sqlite3_close_v2, SQLITE_OK);

    int ret = wm_vuldet_send_agent_report(db, cve_table, agent);

    assert_int_equal(ret, -1);

    wm_vuldet_free_cve_node(node->data);
    os_free(node->key);
    os_free(node);
}

void test_wm_vuldet_send_agent_report_send_cve_report_without_errors_OVAL(void **state)
{
    wm_vuldet_t *vuldet = calloc(1, sizeof(wm_vuldet_t));

    if (!vuldet) {
        return;
    }

    vuldet->flags.enabled = 1;
    vuldet->flags.run_on_start = 1;

    expect_string(__wrap_StartMQ, path, DEFAULTQPATH);
    expect_value(__wrap_StartMQ, type, WRITE);
    will_return(__wrap_StartMQ, 1);

    will_return_always(__wrap_OPENSSL_init_ssl, 1);
    will_return(__wrap_OPENSSL_init_crypto, 1);

    wm_vuldet_init(vuldet);

    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;
    OSHash *cve_table = (OSHash *)1;

    wm_max_eps = 1000000;

    agent->dist = FEED_UBUNTU;
    agent->dist_ver = FEED_FOCAL;

    OSHashNode* node = NULL;
    os_calloc(1, sizeof(OSHashNode), node);
    if (!node || (OS_INVALID == build_test_hash_node(node, VU_SRC_OVAL)))
        return;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5466): Sending vulnerabilities report for agent '000'");

    will_return(__wrap_time, (time_t)1);

    expect_value(__wrap_OSHash_Begin, self, cve_table);
    will_return(__wrap_OSHash_Begin, node);
    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);
    // CVE info query
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "1");
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "CWE-502");
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "cve@mitre.org");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, "The CVE description or rationale.");
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "4.0");
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "2017-04-14");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "2017-07-01");
    //Query for references
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_int, index, 1);
    expect_value(__wrap_sqlite3_bind_int, value, 1);
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "http://rhn.redhat.com/errata/RHSA-2016-2582.html");
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "REDHAT");
    expect_sqlite3_step_call(SQLITE_DONE);
    //Query for scoring
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_int, index, 1);
    expect_value(__wrap_sqlite3_bind_int, value, 1  );
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "");
    expect_value(__wrap_sqlite3_column_double, iCol, 1);
    will_return(__wrap_sqlite3_column_double, 0);
    expect_value(__wrap_sqlite3_column_double, iCol, 2);
    will_return(__wrap_sqlite3_column_double, 0);
    expect_value(__wrap_sqlite3_column_double, iCol, 3);
    will_return(__wrap_sqlite3_column_double, 0);
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_sqlite3_step_call(SQLITE_DONE);

    // Query for oval data
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, vu_severities[VU_HIGH]);
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "2017-04-14");
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "2017-07-01");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, "The CVE description or rationale.");
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "6.9");
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "3.6");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "AV:N/AC:M/Au:N/C:N/I:N/A:C");
    expect_value(__wrap_sqlite3_column_text, iCol, 7);
    will_return(__wrap_sqlite3_column_text, "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H");
    expect_value(__wrap_sqlite3_column_text, iCol, 8);
    will_return(__wrap_sqlite3_column_text, "CWE-502");
    //Query for oval references
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "http://rhn.redhat.com/errata/RHSA-2016-2582.html");
    expect_sqlite3_step_call(SQLITE_DONE);
    //Query for oval bugzilla references
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "http://rhn.redhat.org/cgi-bin/bugreport.cgi?bug=925286");
    expect_sqlite3_step_call(SQLITE_DONE);
    //Query for oval advisories
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "RHSA-2020:0975");
    expect_sqlite3_step_call(SQLITE_DONE);

    // Sending the CVE report
    cJSON* alert = (cJSON *)1;
    cJSON* alert_cve = (cJSON *)1;
    cJSON* j_package = (cJSON *)1;
    cJSON* j_cvss = (cJSON *)1;
    cJSON* j_cvss_node = (cJSON *)1;
    cJSON* cvss_json = (cJSON *)1;
    cJSON* j_advisories = (cJSON *)1;

    char *json_text = NULL;
    os_strdup("{\"title\": \"vulnerability detector alert json\"}", json_text);

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, alert);
    will_return(__wrap_cJSON_CreateObject, alert_cve);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding package information
    will_return(__wrap_cJSON_CreateObject, j_package);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_string(__wrap_cJSON_AddStringToObject, name, "name");
    expect_string(__wrap_cJSON_AddStringToObject, string, "libhogweed4");
    expect_string(__wrap_cJSON_AddStringToObject, name, "version");
    expect_string(__wrap_cJSON_AddStringToObject, string, "5.3.4");
    expect_string(__wrap_cJSON_AddStringToObject, name, "condition");
    expect_string(__wrap_cJSON_AddStringToObject, string, "Package less than 4.3-2");
    // Adding cvss information
    will_return(__wrap_cJSON_CreateObject, j_cvss);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, j_cvss_node);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "attack_vector");
    expect_string(__wrap_cJSON_AddStringToObject, string, "network");
    expect_string(__wrap_cJSON_AddStringToObject, name, "access_complexity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "medium");
    expect_string(__wrap_cJSON_AddStringToObject, name, "authentication");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "complete");
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 6.9);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, j_cvss_node);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "attack_vector");
    expect_string(__wrap_cJSON_AddStringToObject, string, "network");
    expect_string(__wrap_cJSON_AddStringToObject, name, "access_complexity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");
    expect_string(__wrap_cJSON_AddStringToObject, name, "privileges_required");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "user_interaction");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "scope");
    expect_string(__wrap_cJSON_AddStringToObject, string, "unchanged");
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 3.6);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_string(__wrap_cJSON_AddStringToObject, name, "cve");
    expect_string(__wrap_cJSON_AddStringToObject, string, "CVE-2016-6489");
    expect_string(__wrap_cJSON_AddStringToObject, name, "title");
    expect_string(__wrap_cJSON_AddStringToObject, string, "CVE-2016-6489 affects libhogweed4");
    expect_string(__wrap_cJSON_AddStringToObject, name, "rationale");
    expect_string(__wrap_cJSON_AddStringToObject, string, "The CVE description or rationale.");
    expect_string(__wrap_cJSON_AddStringToObject, name, "severity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "High");

    // Normalize date
    char * published;
    os_calloc(11, sizeof(char), published);
    snprintf(published, 11, "%s", "2017-04-14");
    expect_string(__wrap_wstr_replace, string, "2017-04-14");
    expect_string(__wrap_wstr_replace, search, "/");
    expect_string(__wrap_wstr_replace, replace, "-");
    will_return(__wrap_wstr_replace, published);

    expect_string(__wrap_cJSON_AddStringToObject, name, "published");
    expect_string(__wrap_cJSON_AddStringToObject, string, "2017-04-14");

    char * updated;
    os_calloc(11, sizeof(char), updated);
    snprintf(updated, 11, "%s", "2017-07-01");
    expect_string(__wrap_wstr_replace, string, "2017-07-01");
    expect_string(__wrap_wstr_replace, search, "/");
    expect_string(__wrap_wstr_replace, replace, "-");
    will_return(__wrap_wstr_replace, updated);

    expect_string(__wrap_cJSON_AddStringToObject, name, "updated");
    expect_string(__wrap_cJSON_AddStringToObject, string, "2017-07-01");

    expect_string(__wrap_cJSON_AddStringToObject, name, "cwe_reference");
    expect_string(__wrap_cJSON_AddStringToObject, string, "CWE-502");
    // Adding advisories data
    will_return(__wrap_cJSON_CreateArray, j_advisories);
    expect_string(__wrap_cJSON_CreateString, string, "RHSA-2020:0975");
    will_return(__wrap_cJSON_CreateString, NULL);
    expect_function_call(__wrap_cJSON_AddItemToArray);
    will_return(__wrap_cJSON_AddItemToArray, true);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding bugzilla references data
    will_return(__wrap_cJSON_CreateArray, j_advisories);
    expect_string(__wrap_cJSON_CreateString, string, "http://rhn.redhat.org/cgi-bin/bugreport.cgi?bug=925286");
    will_return(__wrap_cJSON_CreateString, NULL);
    expect_function_call(__wrap_cJSON_AddItemToArray);
    will_return(__wrap_cJSON_AddItemToArray, true);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding references data
    will_return(__wrap_cJSON_CreateArray, j_advisories);
    expect_string(__wrap_cJSON_CreateString, string, "http://rhn.redhat.com/errata/RHSA-2016-2582.html");
    will_return(__wrap_cJSON_CreateString, NULL);
    expect_function_call(__wrap_cJSON_AddItemToArray);
    will_return(__wrap_cJSON_AddItemToArray, true);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_string(__wrap_cJSON_AddStringToObject, name, "assigner");
    expect_string(__wrap_cJSON_AddStringToObject, string, "cve@mitre.org");
    expect_string(__wrap_cJSON_AddStringToObject, name, "cve_version");
    expect_string(__wrap_cJSON_AddStringToObject, string, "4.0");
    will_return(__wrap_cJSON_PrintUnformatted, json_text);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5468): The 'libhogweed4' package (5.3.4) from agent '000' is vulnerable to 'CVE-2016-6489'. Condition: 'Package less than 4.3-2'");

    expect_string(__wrap_SendMSG, message, "{\"title\": \"vulnerability detector alert json\"}");
    expect_string(__wrap_SendMSG, locmsg, "vulnerability-detector");
    expect_value(__wrap_SendMSG, loc, LOCALFILE_MQ);
    will_return(__wrap_SendMSG, OS_SUCCESS);

    expect_function_call(__wrap_cJSON_Delete);

    // We only have one vulnerability
    expect_value(__wrap_OSHash_Next, self, cve_table);
    will_return(__wrap_OSHash_Next, NULL);

    // Sending final logs git results
    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5482): A total of '0' vulnerabilities have been reported for agent '000' thanks to the 'NVD' feed.");

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5482): A total of '1' vulnerabilities have been reported for agent '000' thanks to the 'vendor' feed.");

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5469): A total of '1' vulnerabilities have been reported for agent '000'");

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    will_return(__wrap_time, (time_t)1);
    expect_string(__wrap__mtdebug1, formatted_msg, "(5470): It took '0' seconds to 'report' vulnerabilities in agent '000'");

    int ret = wm_vuldet_send_agent_report(db, cve_table, agent);

    assert_int_equal(ret, OS_SUCCESS);

    wm_vuldet_free_cve_node(node->data);
    os_free(node->key);
    os_free(node);
    os_free(vuldet);
}

void test_wm_vuldet_send_agent_report_send_cve_report_without_errors_NVD(void **state)
{
    wm_vuldet_t *vuldet = calloc(1, sizeof(wm_vuldet_t));

    if (!vuldet) {
        return;
    }

    vuldet->flags.enabled = 1;
    vuldet->flags.run_on_start = 1;

    expect_string(__wrap_StartMQ, path, DEFAULTQPATH);
    expect_value(__wrap_StartMQ, type, WRITE);
    will_return(__wrap_StartMQ, 1);

    will_return_always(__wrap_OPENSSL_init_ssl, 1);
    will_return(__wrap_OPENSSL_init_crypto, 1);

    wm_vuldet_init(vuldet);

    agent_software *agent = *state;
    sqlite3 *db = (sqlite3 *)1;
    OSHash *cve_table = (OSHash *)1;

    wm_max_eps = 1000000;

    agent->dist = FEED_UBUNTU;
    agent->dist_ver = FEED_FOCAL;

    OSHashNode* node = NULL;
    os_calloc(1, sizeof(OSHashNode), node);
    if (!node || (OS_INVALID == build_test_hash_node(node, VU_SRC_NVD)))
        return;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5466): Sending vulnerabilities report for agent '000'");

    will_return(__wrap_time, (time_t)1);

    expect_value(__wrap_OSHash_Begin, self, cve_table);
    will_return(__wrap_OSHash_Begin, node);
    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);
    // CVE info query
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "1");
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "CWE-502");
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "cve@mitre.org");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, "The CVE description or rationale.");
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "4.0");
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "2017-04-14");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "2017-07-01");
    //Query for references
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_int, index, 1);
    expect_value(__wrap_sqlite3_bind_int, value, 1);
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "http://rhn.redhat.com/errata/RHSA-2016-2582.html");
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "REDHAT");
    expect_sqlite3_step_call(SQLITE_DONE);
    //Query for scoring
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_int, index, 1);
    expect_value(__wrap_sqlite3_bind_int, value, 1  );
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "");
    expect_value(__wrap_sqlite3_column_double, iCol, 1);
    will_return(__wrap_sqlite3_column_double, 0);
    expect_value(__wrap_sqlite3_column_double, iCol, 2);
    will_return(__wrap_sqlite3_column_double, 0);
    expect_value(__wrap_sqlite3_column_double, iCol, 3);
    will_return(__wrap_sqlite3_column_double, 0);
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_sqlite3_step_call(SQLITE_DONE);

    // Query for oval data
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, vu_severities[VU_HIGH]);
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, "2017-04-14");
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "2017-07-01");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, "The CVE description or rationale.");
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, "6.9");
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "3.6");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "AV:N/AC:M/Au:N/C:N/I:N/A:C");
    expect_value(__wrap_sqlite3_column_text, iCol, 7);
    will_return(__wrap_sqlite3_column_text, "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H");
    expect_value(__wrap_sqlite3_column_text, iCol, 8);
    will_return(__wrap_sqlite3_column_text, "CWE-502");
    //Query for oval references
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "http://rhn.redhat.com/errata/RHSA-2016-2582.html");
    expect_sqlite3_step_call(SQLITE_DONE);
    //Query for oval bugzilla references
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "http://rhn.redhat.org/cgi-bin/bugreport.cgi?bug=925286");
    expect_sqlite3_step_call(SQLITE_DONE);
    //Query for oval advisories
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-2016-6489");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "FOCAL");
    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "RHSA-2020:0975");
    expect_sqlite3_step_call(SQLITE_DONE);

    // Sending the CVE report
    cJSON* alert = (cJSON *)1;
    cJSON* alert_cve = (cJSON *)1;
    cJSON* j_package = (cJSON *)1;
    cJSON* j_cvss = (cJSON *)1;
    cJSON* j_cvss_node = (cJSON *)1;
    cJSON* cvss_json = (cJSON *)1;
    cJSON* j_advisories = (cJSON *)1;

    char *json_text = NULL;
    os_strdup("{\"title\": \"vulnerability detector alert json\"}", json_text);

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, alert);
    will_return(__wrap_cJSON_CreateObject, alert_cve);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding package information
    will_return(__wrap_cJSON_CreateObject, j_package);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_string(__wrap_cJSON_AddStringToObject, name, "name");
    expect_string(__wrap_cJSON_AddStringToObject, string, "libhogweed4");
    expect_string(__wrap_cJSON_AddStringToObject, name, "version");
    expect_string(__wrap_cJSON_AddStringToObject, string, "5.3.4");
    expect_string(__wrap_cJSON_AddStringToObject, name, "condition");
    expect_string(__wrap_cJSON_AddStringToObject, string, "Package matches a vulnerable version");
    // Adding cvss information
    will_return(__wrap_cJSON_CreateObject, j_cvss);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, j_cvss_node);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "attack_vector");
    expect_string(__wrap_cJSON_AddStringToObject, string, "network");
    expect_string(__wrap_cJSON_AddStringToObject, name, "access_complexity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "medium");
    expect_string(__wrap_cJSON_AddStringToObject, name, "authentication");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "complete");
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 6.9);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, j_cvss_node);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "attack_vector");
    expect_string(__wrap_cJSON_AddStringToObject, string, "network");
    expect_string(__wrap_cJSON_AddStringToObject, name, "access_complexity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");
    expect_string(__wrap_cJSON_AddStringToObject, name, "privileges_required");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "user_interaction");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "scope");
    expect_string(__wrap_cJSON_AddStringToObject, string, "unchanged");
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 3.6);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_string(__wrap_cJSON_AddStringToObject, name, "cve");
    expect_string(__wrap_cJSON_AddStringToObject, string, "CVE-2016-6489");
    expect_string(__wrap_cJSON_AddStringToObject, name, "title");
    expect_string(__wrap_cJSON_AddStringToObject, string, "CVE-2016-6489 affects libhogweed4");
    expect_string(__wrap_cJSON_AddStringToObject, name, "rationale");
    expect_string(__wrap_cJSON_AddStringToObject, string, "The CVE description or rationale.");
    expect_string(__wrap_cJSON_AddStringToObject, name, "severity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "High");

    // Normalize date
    char * published;
    os_calloc(11, sizeof(char), published);
    snprintf(published, 11, "%s", "2017-04-14");
    expect_string(__wrap_wstr_replace, string, "2017-04-14");
    expect_string(__wrap_wstr_replace, search, "/");
    expect_string(__wrap_wstr_replace, replace, "-");
    will_return(__wrap_wstr_replace, published);

    expect_string(__wrap_cJSON_AddStringToObject, name, "published");
    expect_string(__wrap_cJSON_AddStringToObject, string, "2017-04-14");

    char * updated;
    os_calloc(11, sizeof(char), updated);
    snprintf(updated, 11, "%s", "2017-07-01");
    expect_string(__wrap_wstr_replace, string, "2017-07-01");
    expect_string(__wrap_wstr_replace, search, "/");
    expect_string(__wrap_wstr_replace, replace, "-");
    will_return(__wrap_wstr_replace, updated);

    expect_string(__wrap_cJSON_AddStringToObject, name, "updated");
    expect_string(__wrap_cJSON_AddStringToObject, string, "2017-07-01");

    expect_string(__wrap_cJSON_AddStringToObject, name, "cwe_reference");
    expect_string(__wrap_cJSON_AddStringToObject, string, "CWE-502");
    // Adding advisories data
    will_return(__wrap_cJSON_CreateArray, j_advisories);
    expect_string(__wrap_cJSON_CreateString, string, "RHSA-2020:0975");
    will_return(__wrap_cJSON_CreateString, NULL);
    expect_function_call(__wrap_cJSON_AddItemToArray);
    will_return(__wrap_cJSON_AddItemToArray, true);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding bugzilla references data
    will_return(__wrap_cJSON_CreateArray, j_advisories);
    expect_string(__wrap_cJSON_CreateString, string, "http://rhn.redhat.org/cgi-bin/bugreport.cgi?bug=925286");
    will_return(__wrap_cJSON_CreateString, NULL);
    expect_function_call(__wrap_cJSON_AddItemToArray);
    will_return(__wrap_cJSON_AddItemToArray, true);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding references data
    will_return(__wrap_cJSON_CreateArray, j_advisories);
    expect_string(__wrap_cJSON_CreateString, string, "http://rhn.redhat.com/errata/RHSA-2016-2582.html");
    will_return(__wrap_cJSON_CreateString, NULL);
    expect_function_call(__wrap_cJSON_AddItemToArray);
    will_return(__wrap_cJSON_AddItemToArray, true);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_string(__wrap_cJSON_AddStringToObject, name, "assigner");
    expect_string(__wrap_cJSON_AddStringToObject, string, "cve@mitre.org");
    expect_string(__wrap_cJSON_AddStringToObject, name, "cve_version");
    expect_string(__wrap_cJSON_AddStringToObject, string, "4.0");
    will_return(__wrap_cJSON_PrintUnformatted, json_text);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5468): The 'libhogweed4' package (5.3.4) from agent '000' is vulnerable to 'CVE-2016-6489'. Condition: 'Package matches a vulnerable version'");

    expect_string(__wrap_SendMSG, message, "{\"title\": \"vulnerability detector alert json\"}");
    expect_string(__wrap_SendMSG, locmsg, "vulnerability-detector");
    expect_value(__wrap_SendMSG, loc, LOCALFILE_MQ);
    will_return(__wrap_SendMSG, OS_SUCCESS);

    expect_function_call(__wrap_cJSON_Delete);

    // We only have one vulnerability
    expect_value(__wrap_OSHash_Next, self, cve_table);
    will_return(__wrap_OSHash_Next, NULL);

    // Sending final logs git results
    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5482): A total of '1' vulnerabilities have been reported for agent '000' thanks to the 'NVD' feed.");

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5482): A total of '0' vulnerabilities have been reported for agent '000' thanks to the 'vendor' feed.");

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5469): A total of '1' vulnerabilities have been reported for agent '000'");

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    will_return(__wrap_time, (time_t)1);
    expect_string(__wrap__mtdebug1, formatted_msg, "(5470): It took '0' seconds to 'report' vulnerabilities in agent '000'");

    int ret = wm_vuldet_send_agent_report(db, cve_table, agent);

    assert_int_equal(ret, OS_SUCCESS);

    wm_vuldet_free_cve_node(node->data);
    os_free(node->key);
    os_free(node);
    os_free(vuldet);
}

/* wm_vuldet_get_cvss */

void test_wm_vuldet_get_cvss_null(void ** state)
{
    const char *cvss_vector = NULL;

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_null(ret);
}

void test_wm_vuldet_get_cvss_error_cvss_json(void ** state)
{
    const char *cvss_vector = "AV:N/AC:M/Au:N/C:N/I:N/A:C";

    will_return(__wrap_cJSON_CreateObject, NULL);

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_null(ret);
}

void test_wm_vuldet_get_cvss_attack_vector_local(void ** state)
{
    const char *cvss_vector = "AV:L";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "attack_vector");
    expect_string(__wrap_cJSON_AddStringToObject, string, "local");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_attack_vector_adjacent_network(void ** state)
{
    const char *cvss_vector = "AV:A";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "attack_vector");
    expect_string(__wrap_cJSON_AddStringToObject, string, "adjacent_network");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_attack_vector_network(void ** state)
{
    const char *cvss_vector = "AV:N";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "attack_vector");
    expect_string(__wrap_cJSON_AddStringToObject, string, "network");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_attack_vector_physiscal(void ** state)
{
    const char *cvss_vector = "AV:P";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "attack_vector");
    expect_string(__wrap_cJSON_AddStringToObject, string, "physical");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_access_complexity_low(void ** state)
{
    const char *cvss_vector = "AC:L";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "access_complexity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "low");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_access_complexity_medium(void ** state)
{
    const char *cvss_vector = "AC:M";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "access_complexity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "medium");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_access_complexity_high(void ** state)
{
    const char *cvss_vector = "AC:H";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "access_complexity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_authentication_multiple(void ** state)
{
    const char *cvss_vector = "Au:M";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "authentication");
    expect_string(__wrap_cJSON_AddStringToObject, string, "multiple");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_authentication_single(void ** state)
{
    const char *cvss_vector = "Au:S";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "authentication");
    expect_string(__wrap_cJSON_AddStringToObject, string, "single");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_authentication_none(void ** state)
{
    const char *cvss_vector = "Au:N";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "authentication");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_confidentiality_impact_none(void ** state)
{
    const char *cvss_vector = "C:N";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_confidentiality_impact_partial(void ** state)
{
    const char *cvss_vector = "C:P";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "partial");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_confidentiality_impact_complete(void ** state)
{
    const char *cvss_vector = "C:C";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "complete");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_confidentiality_impact_low(void ** state)
{
    const char *cvss_vector = "C:L";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "low");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_confidentiality_impact_high(void ** state)
{
    const char *cvss_vector = "C:H";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_integrity_impact_none(void ** state)
{
    const char *cvss_vector = "I:N";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_integrity_impact_partial(void ** state)
{
    const char *cvss_vector = "I:P";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "partial");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_integrity_impact_complete(void ** state)
{
    const char *cvss_vector = "I:C";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "complete");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_integrity_impact_low(void ** state)
{
    const char *cvss_vector = "I:L";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "low");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_integrity_impact_high(void ** state)
{
    const char *cvss_vector = "I:H";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_availability_none(void ** state)
{
    const char *cvss_vector = "A:N";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_availability_partial(void ** state)
{
    const char *cvss_vector = "A:P";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "partial");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_availability_complete(void ** state)
{
    const char *cvss_vector = "A:C";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "complete");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_availability_low(void ** state)
{
    const char *cvss_vector = "A:L";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "low");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_availability_high(void ** state)
{
    const char *cvss_vector = "A:H";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_privileges_required_none(void ** state)
{
    const char *cvss_vector = "PR:N";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "privileges_required");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_privileges_required_partial(void ** state)
{
    const char *cvss_vector = "PR:P";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "privileges_required");
    expect_string(__wrap_cJSON_AddStringToObject, string, "partial");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_privileges_required_complete(void ** state)
{
    const char *cvss_vector = "PR:C";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "privileges_required");
    expect_string(__wrap_cJSON_AddStringToObject, string, "complete");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_privileges_required_low(void ** state)
{
    const char *cvss_vector = "PR:L";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "privileges_required");
    expect_string(__wrap_cJSON_AddStringToObject, string, "low");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_privileges_required_high(void ** state)
{
    const char *cvss_vector = "PR:H";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "privileges_required");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_user_interaction_none(void ** state)
{
    const char *cvss_vector = "UI:N";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "user_interaction");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_user_interaction_required(void ** state)
{
    const char *cvss_vector = "UI:R";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "user_interaction");
    expect_string(__wrap_cJSON_AddStringToObject, string, "required");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_scope_unchanged(void ** state)
{
    const char *cvss_vector = "S:U";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "scope");
    expect_string(__wrap_cJSON_AddStringToObject, string, "unchanged");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_scope_changed(void ** state)
{
    const char *cvss_vector = "S:C";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "scope");
    expect_string(__wrap_cJSON_AddStringToObject, string, "changed");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_v2(void ** state)
{
    const char *cvss_vector = "AV:N/AC:M/Au:N/C:N/I:N/A:C";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "attack_vector");
    expect_string(__wrap_cJSON_AddStringToObject, string, "network");
    expect_string(__wrap_cJSON_AddStringToObject, name, "access_complexity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "medium");
    expect_string(__wrap_cJSON_AddStringToObject, name, "authentication");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "complete");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

void test_wm_vuldet_get_cvss_v3(void ** state)
{
    const char *cvss_vector = "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H";
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "attack_vector");
    expect_string(__wrap_cJSON_AddStringToObject, string, "network");
    expect_string(__wrap_cJSON_AddStringToObject, name, "access_complexity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");
    expect_string(__wrap_cJSON_AddStringToObject, name, "privileges_required");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "user_interaction");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "scope");
    expect_string(__wrap_cJSON_AddStringToObject, string, "unchanged");
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");

    cJSON *ret = wm_vuldet_get_cvss(cvss_vector);

    assert_non_null(ret);
}

/* wm_vuldet_send_cve_report */

void test_wm_vuldet_send_cve_report_error_alert_create(void **state)
{
    vu_report* report = state[REPORT_CVE_REPORT_POS];

    will_return(__wrap_cJSON_CreateObject, NULL);

    int retval = wm_vuldet_send_cve_report(report);

    assert_int_equal(retval, OS_INVALID);
}

void test_wm_vuldet_send_cve_report_error_alert_cve_create(void **state)
{
    vu_report* report = state[REPORT_CVE_REPORT_POS];

    cJSON* alert = (cJSON *)1;
    will_return(__wrap_cJSON_CreateObject, alert);
    will_return(__wrap_cJSON_CreateObject, NULL);
    expect_function_call(__wrap_cJSON_Delete);

    int retval = wm_vuldet_send_cve_report(report);

    assert_int_equal(retval, OS_INVALID);
}

void test_wm_vuldet_send_cve_report_error_j_package_create(void **state)
{
    vu_report* report = state[REPORT_CVE_REPORT_POS];

    cJSON* alert = (cJSON *)1;
    cJSON* alert_cve = (cJSON *)1;
    will_return(__wrap_cJSON_CreateObject, alert);
    will_return(__wrap_cJSON_CreateObject, alert_cve);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    //Creating packaje objects
    will_return(__wrap_cJSON_CreateObject, NULL);
    expect_function_call(__wrap_cJSON_Delete);

    int retval = wm_vuldet_send_cve_report(report);

    assert_int_equal(retval, OS_INVALID);
}

void test_wm_vuldet_send_cve_report_error_j_cvss_create(void **state)
{
    vu_report* report = state[REPORT_CVE_REPORT_POS];

    if (OS_INVALID == build_test_cve_report(report, 1, 1, 1, 1))
        return;

    cJSON* alert = (cJSON *)1;
    cJSON* alert_cve = (cJSON *)1;
    cJSON* j_package = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, alert);
    will_return(__wrap_cJSON_CreateObject, alert_cve);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding package information
    will_return(__wrap_cJSON_CreateObject, j_package);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_string(__wrap_cJSON_AddStringToObject, name, "name");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->software);
    expect_string(__wrap_cJSON_AddStringToObject, name, "source");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->source);
    expect_string(__wrap_cJSON_AddStringToObject, name, "version");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->version);
    expect_string(__wrap_cJSON_AddStringToObject, name, "generated_cpe");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->generated_cpe);
    expect_string(__wrap_cJSON_AddStringToObject, name, "architecture");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->arch);
    expect_string(__wrap_cJSON_AddStringToObject, name, "condition");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->condition);
    //Creating cvss objects
    will_return(__wrap_cJSON_CreateObject, NULL);
    expect_function_call(__wrap_cJSON_Delete);

    int retval = wm_vuldet_send_cve_report(report);

    assert_int_equal(retval, OS_INVALID);
}

void test_wm_vuldet_send_cve_report_error_j_cvss_node_create(void **state)
{
    vu_report* report = state[REPORT_CVE_REPORT_POS];

    if (OS_INVALID == build_test_cve_report(report, 1, 1, 1, 1))
        return;

    cJSON* alert = (cJSON *)1;
    cJSON* alert_cve = (cJSON *)1;
    cJSON* j_package = (cJSON *)1;
    cJSON* j_cvss = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, alert);
    will_return(__wrap_cJSON_CreateObject, alert_cve);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding package information
    will_return(__wrap_cJSON_CreateObject, j_package);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_string(__wrap_cJSON_AddStringToObject, name, "name");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->software);
    expect_string(__wrap_cJSON_AddStringToObject, name, "source");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->source);
    expect_string(__wrap_cJSON_AddStringToObject, name, "version");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->version);
    expect_string(__wrap_cJSON_AddStringToObject, name, "generated_cpe");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->generated_cpe);
    expect_string(__wrap_cJSON_AddStringToObject, name, "architecture");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->arch);
    expect_string(__wrap_cJSON_AddStringToObject, name, "condition");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->condition);
    //Creating cvss objects
    will_return(__wrap_cJSON_CreateObject, j_cvss);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, NULL);
    expect_function_call(__wrap_cJSON_Delete);

    int retval = wm_vuldet_send_cve_report(report);

    assert_int_equal(retval, OS_INVALID);
}

void test_wm_vuldet_send_cve_report_error_j_advisories_create(void **state)
{
    vu_report* report = state[REPORT_CVE_REPORT_POS];

    if (OS_INVALID == build_test_cve_report(report, 1, 1, 1, 1))
        return;

    cJSON* alert = (cJSON *)1;
    cJSON* alert_cve = (cJSON *)1;
    cJSON* j_package = (cJSON *)1;
    cJSON* j_cvss = (cJSON *)1;
    cJSON* j_cvss_node = (cJSON *)1;
    cJSON* cvss_json = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, alert);
    will_return(__wrap_cJSON_CreateObject, alert_cve);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding package information
    will_return(__wrap_cJSON_CreateObject, j_package);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_string(__wrap_cJSON_AddStringToObject, name, "name");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->software);
    expect_string(__wrap_cJSON_AddStringToObject, name, "source");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->source);
    expect_string(__wrap_cJSON_AddStringToObject, name, "version");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->version);
    expect_string(__wrap_cJSON_AddStringToObject, name, "generated_cpe");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->generated_cpe);
    expect_string(__wrap_cJSON_AddStringToObject, name, "architecture");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->arch);
    expect_string(__wrap_cJSON_AddStringToObject, name, "condition");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->condition);
    // Adding cvss information
    will_return(__wrap_cJSON_CreateObject, j_cvss);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, j_cvss_node);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "attack_vector");
    expect_string(__wrap_cJSON_AddStringToObject, string, "network");
    expect_string(__wrap_cJSON_AddStringToObject, name, "access_complexity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "medium");
    expect_string(__wrap_cJSON_AddStringToObject, name, "authentication");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "complete");
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 7.1);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 8.6);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 6.9);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, j_cvss_node);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "attack_vector");
    expect_string(__wrap_cJSON_AddStringToObject, string, "network");
    expect_string(__wrap_cJSON_AddStringToObject, name, "access_complexity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");
    expect_string(__wrap_cJSON_AddStringToObject, name, "privileges_required");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "user_interaction");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "scope");
    expect_string(__wrap_cJSON_AddStringToObject, string, "unchanged");
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 5.9);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 2.2);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 3.6);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding CVE information
    expect_string(__wrap_cJSON_AddStringToObject, name, "cve");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->cve);
    expect_string(__wrap_cJSON_AddStringToObject, name, "title");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->title);
    expect_string(__wrap_cJSON_AddStringToObject, name, "rationale");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->rationale);
    expect_string(__wrap_cJSON_AddStringToObject, name, "severity");
    expect_string(__wrap_cJSON_AddStringToObject, string, vu_severities[VU_HIGH]);

    // Normalize date
    char * published;
    os_calloc(21, sizeof(char), published);
    snprintf(published, 21, "%s", "2020-03-05T15:15:00Z");
    expect_string(__wrap_wstr_replace, string, "2020-03-05T15:15:00Z");
    expect_string(__wrap_wstr_replace, search, "/");
    expect_string(__wrap_wstr_replace, replace, "-");
    will_return(__wrap_wstr_replace, published);

    expect_string(__wrap_cJSON_AddStringToObject, name, "published");
    expect_string(__wrap_cJSON_AddStringToObject, string, "2020-03-05T15:15:00Z");

    char * updated;
    os_calloc(21, sizeof(char), updated);
    snprintf(updated, 21, "%s", "2020-05-25T15:15:00Z");
    expect_string(__wrap_wstr_replace, string, "2020-05-25T15:15:00Z");
    expect_string(__wrap_wstr_replace, search, "/");
    expect_string(__wrap_wstr_replace, replace, "-");
    will_return(__wrap_wstr_replace, updated);

    expect_string(__wrap_cJSON_AddStringToObject, name, "updated");
    expect_string(__wrap_cJSON_AddStringToObject, string, "2020-05-25T15:15:00Z");

    expect_string(__wrap_cJSON_AddStringToObject, name, "cwe_reference");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->cwe);
    // Adding advisories data
    will_return(__wrap_cJSON_CreateArray, NULL);
    expect_function_call(__wrap_cJSON_Delete);

    int retval = wm_vuldet_send_cve_report(report);

    assert_int_equal(retval, OS_INVALID);
}

void test_wm_vuldet_send_cve_report_error_j_bug_references_create(void **state)
{
    vu_report* report = state[REPORT_CVE_REPORT_POS];

    if (OS_INVALID == build_test_cve_report(report, 1, 1, 1, 1))
        return;

    cJSON* alert = (cJSON *)1;
    cJSON* alert_cve = (cJSON *)1;
    cJSON* j_package = (cJSON *)1;
    cJSON* j_cvss = (cJSON *)1;
    cJSON* j_cvss_node = (cJSON *)1;
    cJSON* cvss_json = (cJSON *)1;
    cJSON* j_advisories = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, alert);
    will_return(__wrap_cJSON_CreateObject, alert_cve);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding package information
    will_return(__wrap_cJSON_CreateObject, j_package);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_string(__wrap_cJSON_AddStringToObject, name, "name");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->software);
    expect_string(__wrap_cJSON_AddStringToObject, name, "source");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->source);
    expect_string(__wrap_cJSON_AddStringToObject, name, "version");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->version);
    expect_string(__wrap_cJSON_AddStringToObject, name, "generated_cpe");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->generated_cpe);
    expect_string(__wrap_cJSON_AddStringToObject, name, "architecture");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->arch);
    expect_string(__wrap_cJSON_AddStringToObject, name, "condition");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->condition);
    // Adding cvss information
    will_return(__wrap_cJSON_CreateObject, j_cvss);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, j_cvss_node);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "attack_vector");
    expect_string(__wrap_cJSON_AddStringToObject, string, "network");
    expect_string(__wrap_cJSON_AddStringToObject, name, "access_complexity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "medium");
    expect_string(__wrap_cJSON_AddStringToObject, name, "authentication");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "complete");
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 7.1);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 8.6);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 6.9);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, j_cvss_node);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "attack_vector");
    expect_string(__wrap_cJSON_AddStringToObject, string, "network");
    expect_string(__wrap_cJSON_AddStringToObject, name, "access_complexity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");
    expect_string(__wrap_cJSON_AddStringToObject, name, "privileges_required");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "user_interaction");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "scope");
    expect_string(__wrap_cJSON_AddStringToObject, string, "unchanged");
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 5.9);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 2.2);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 3.6);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding CVE information
    expect_string(__wrap_cJSON_AddStringToObject, name, "cve");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->cve);
    expect_string(__wrap_cJSON_AddStringToObject, name, "title");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->title);
    expect_string(__wrap_cJSON_AddStringToObject, name, "rationale");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->rationale);
    expect_string(__wrap_cJSON_AddStringToObject, name, "severity");
    expect_string(__wrap_cJSON_AddStringToObject, string, vu_severities[VU_HIGH]);

    // Normalize date
    char * published;
    os_calloc(21, sizeof(char), published);
    snprintf(published, 21, "%s", "2020-03-05T15:15:00Z");
    expect_string(__wrap_wstr_replace, string, "2020-03-05T15:15:00Z");
    expect_string(__wrap_wstr_replace, search, "/");
    expect_string(__wrap_wstr_replace, replace, "-");
    will_return(__wrap_wstr_replace, published);

    expect_string(__wrap_cJSON_AddStringToObject, name, "published");
    expect_string(__wrap_cJSON_AddStringToObject, string, "2020-03-05T15:15:00Z");

    char * updated;
    os_calloc(21, sizeof(char), updated);
    snprintf(updated, 21, "%s", "2020-05-25T15:15:00Z");
    expect_string(__wrap_wstr_replace, string, "2020-05-25T15:15:00Z");
    expect_string(__wrap_wstr_replace, search, "/");
    expect_string(__wrap_wstr_replace, replace, "-");
    will_return(__wrap_wstr_replace, updated);

    expect_string(__wrap_cJSON_AddStringToObject, name, "updated");
    expect_string(__wrap_cJSON_AddStringToObject, string, "2020-05-25T15:15:00Z");

    expect_string(__wrap_cJSON_AddStringToObject, name, "cwe_reference");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->cwe);
    // Adding advisories data
    will_return(__wrap_cJSON_CreateArray, j_advisories);
    expect_string(__wrap_cJSON_CreateString, string, "RHSA-2020:0975");
    will_return(__wrap_cJSON_CreateString, NULL);
    expect_function_call(__wrap_cJSON_AddItemToArray);
    will_return(__wrap_cJSON_AddItemToArray, true);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding bugzilla references data
    will_return(__wrap_cJSON_CreateArray, NULL);
    expect_function_call(__wrap_cJSON_Delete);

    int retval = wm_vuldet_send_cve_report(report);

    assert_int_equal(retval, OS_INVALID);
}

void test_wm_vuldet_send_cve_report_error_j_references_create(void **state)
{
    vu_report* report = state[REPORT_CVE_REPORT_POS];

    if (OS_INVALID == build_test_cve_report(report, 1, 1, 1, 1))
        return;

    cJSON* alert = (cJSON *)1;
    cJSON* alert_cve = (cJSON *)1;
    cJSON* j_package = (cJSON *)1;
    cJSON* j_cvss = (cJSON *)1;
    cJSON* j_cvss_node = (cJSON *)1;
    cJSON* cvss_json = (cJSON *)1;
    cJSON* j_advisories = (cJSON *)1;

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, alert);
    will_return(__wrap_cJSON_CreateObject, alert_cve);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding package information
    will_return(__wrap_cJSON_CreateObject, j_package);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_string(__wrap_cJSON_AddStringToObject, name, "name");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->software);
    expect_string(__wrap_cJSON_AddStringToObject, name, "source");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->source);
    expect_string(__wrap_cJSON_AddStringToObject, name, "version");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->version);
    expect_string(__wrap_cJSON_AddStringToObject, name, "generated_cpe");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->generated_cpe);
    expect_string(__wrap_cJSON_AddStringToObject, name, "architecture");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->arch);
    expect_string(__wrap_cJSON_AddStringToObject, name, "condition");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->condition);
    // Adding cvss information
    will_return(__wrap_cJSON_CreateObject, j_cvss);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, j_cvss_node);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "attack_vector");
    expect_string(__wrap_cJSON_AddStringToObject, string, "network");
    expect_string(__wrap_cJSON_AddStringToObject, name, "access_complexity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "medium");
    expect_string(__wrap_cJSON_AddStringToObject, name, "authentication");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "complete");
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 7.1);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 8.6);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 6.9);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, j_cvss_node);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "attack_vector");
    expect_string(__wrap_cJSON_AddStringToObject, string, "network");
    expect_string(__wrap_cJSON_AddStringToObject, name, "access_complexity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");
    expect_string(__wrap_cJSON_AddStringToObject, name, "privileges_required");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "user_interaction");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "scope");
    expect_string(__wrap_cJSON_AddStringToObject, string, "unchanged");
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 5.9);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 2.2);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 3.6);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding CVE information
    expect_string(__wrap_cJSON_AddStringToObject, name, "cve");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->cve);
    expect_string(__wrap_cJSON_AddStringToObject, name, "title");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->title);
    expect_string(__wrap_cJSON_AddStringToObject, name, "rationale");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->rationale);
    expect_string(__wrap_cJSON_AddStringToObject, name, "severity");
    expect_string(__wrap_cJSON_AddStringToObject, string, vu_severities[VU_HIGH]);

    // Normalize date
    char * published;
    os_calloc(21, sizeof(char), published);
    snprintf(published, 21, "%s", "2020-03-05T15:15:00Z");
    expect_string(__wrap_wstr_replace, string, "2020-03-05T15:15:00Z");
    expect_string(__wrap_wstr_replace, search, "/");
    expect_string(__wrap_wstr_replace, replace, "-");
    will_return(__wrap_wstr_replace, published);

    expect_string(__wrap_cJSON_AddStringToObject, name, "published");
    expect_string(__wrap_cJSON_AddStringToObject, string, "2020-03-05T15:15:00Z");

    char * updated;
    os_calloc(21, sizeof(char), updated);
    snprintf(updated, 21, "%s", "2020-05-25T15:15:00Z");
    expect_string(__wrap_wstr_replace, string, "2020-05-25T15:15:00Z");
    expect_string(__wrap_wstr_replace, search, "/");
    expect_string(__wrap_wstr_replace, replace, "-");
    will_return(__wrap_wstr_replace, updated);

    expect_string(__wrap_cJSON_AddStringToObject, name, "updated");
    expect_string(__wrap_cJSON_AddStringToObject, string, "2020-05-25T15:15:00Z");

    expect_string(__wrap_cJSON_AddStringToObject, name, "cwe_reference");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->cwe);
    // Adding advisories data
    will_return(__wrap_cJSON_CreateArray, j_advisories);
    expect_string(__wrap_cJSON_CreateString, string, "RHSA-2020:0975");
    will_return(__wrap_cJSON_CreateString, NULL);
    expect_function_call(__wrap_cJSON_AddItemToArray);
    will_return(__wrap_cJSON_AddItemToArray, true);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding bugzilla references data
    will_return(__wrap_cJSON_CreateArray, j_advisories);
    expect_string(__wrap_cJSON_CreateString, string, "http://rhn.redhat.org/cgi-bin/bugreport.cgi?bug=925286");
    will_return(__wrap_cJSON_CreateString, NULL);
    expect_function_call(__wrap_cJSON_AddItemToArray);
    will_return(__wrap_cJSON_AddItemToArray, true);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding references data
    will_return(__wrap_cJSON_CreateArray, NULL);
    expect_function_call(__wrap_cJSON_Delete);

    int retval = wm_vuldet_send_cve_report(report);

    assert_int_equal(retval, OS_INVALID);
}

void test_wm_vuldet_send_cve_report_without_title(void **state)
{
    vu_report* report = state[REPORT_CVE_REPORT_POS];

    if (OS_INVALID == build_test_cve_report(report, 0, 1, 1, 1))
        return;

    cJSON* alert = (cJSON *)1;
    cJSON* alert_cve = (cJSON *)1;
    cJSON* j_package = (cJSON *)1;
    cJSON* j_cvss = (cJSON *)1;
    cJSON* j_cvss_node = (cJSON *)1;
    cJSON* cvss_json = (cJSON *)1;
    cJSON* j_advisories = (cJSON *)1;

    char *json_text = NULL;
    os_strdup("{\"title\": \"vulnerability detector alert json\"}", json_text);

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, alert);
    will_return(__wrap_cJSON_CreateObject, alert_cve);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding package information
    will_return(__wrap_cJSON_CreateObject, j_package);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_string(__wrap_cJSON_AddStringToObject, name, "name");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->software);
    expect_string(__wrap_cJSON_AddStringToObject, name, "source");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->source);
    expect_string(__wrap_cJSON_AddStringToObject, name, "version");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->version);
    expect_string(__wrap_cJSON_AddStringToObject, name, "generated_cpe");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->generated_cpe);
    expect_string(__wrap_cJSON_AddStringToObject, name, "architecture");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->arch);
    expect_string(__wrap_cJSON_AddStringToObject, name, "condition");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->condition);
    // Adding cvss information
    will_return(__wrap_cJSON_CreateObject, j_cvss);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, j_cvss_node);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "attack_vector");
    expect_string(__wrap_cJSON_AddStringToObject, string, "network");
    expect_string(__wrap_cJSON_AddStringToObject, name, "access_complexity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "medium");
    expect_string(__wrap_cJSON_AddStringToObject, name, "authentication");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "complete");
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 7.1);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 8.6);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 6.9);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, j_cvss_node);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "attack_vector");
    expect_string(__wrap_cJSON_AddStringToObject, string, "network");
    expect_string(__wrap_cJSON_AddStringToObject, name, "access_complexity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");
    expect_string(__wrap_cJSON_AddStringToObject, name, "privileges_required");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "user_interaction");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "scope");
    expect_string(__wrap_cJSON_AddStringToObject, string, "unchanged");
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 5.9);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 2.2);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 3.6);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding CVE information
    expect_string(__wrap_cJSON_AddStringToObject, name, "cve");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->cve);
    expect_string(__wrap_cJSON_AddStringToObject, name, "rationale");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->rationale);
    expect_string(__wrap_cJSON_AddStringToObject, name, "severity");
    expect_string(__wrap_cJSON_AddStringToObject, string, vu_severities[VU_HIGH]);

    // Normalize date
    char * published;
    os_calloc(21, sizeof(char), published);
    snprintf(published, 21, "%s", "2020-03-05T15:15:00Z");
    expect_string(__wrap_wstr_replace, string, "2020-03-05T15:15:00Z");
    expect_string(__wrap_wstr_replace, search, "/");
    expect_string(__wrap_wstr_replace, replace, "-");
    will_return(__wrap_wstr_replace, published);

    expect_string(__wrap_cJSON_AddStringToObject, name, "published");
    expect_string(__wrap_cJSON_AddStringToObject, string, "2020-03-05T15:15:00Z");

    char * updated;
    os_calloc(21, sizeof(char), updated);
    snprintf(updated, 21, "%s", "2020-05-25T15:15:00Z");
    expect_string(__wrap_wstr_replace, string, "2020-05-25T15:15:00Z");
    expect_string(__wrap_wstr_replace, search, "/");
    expect_string(__wrap_wstr_replace, replace, "-");
    will_return(__wrap_wstr_replace, updated);

    expect_string(__wrap_cJSON_AddStringToObject, name, "updated");
    expect_string(__wrap_cJSON_AddStringToObject, string, "2020-05-25T15:15:00Z");

    expect_string(__wrap_cJSON_AddStringToObject, name, "cwe_reference");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->cwe);
    // Adding advisories data
    will_return(__wrap_cJSON_CreateArray, j_advisories);
    expect_string(__wrap_cJSON_CreateString, string, "RHSA-2020:0975");
    will_return(__wrap_cJSON_CreateString, NULL);
    expect_function_call(__wrap_cJSON_AddItemToArray);
    will_return(__wrap_cJSON_AddItemToArray, true);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding bugzilla references data
    will_return(__wrap_cJSON_CreateArray, j_advisories);
    expect_string(__wrap_cJSON_CreateString, string, "http://rhn.redhat.org/cgi-bin/bugreport.cgi?bug=925286");
    will_return(__wrap_cJSON_CreateString, NULL);
    expect_function_call(__wrap_cJSON_AddItemToArray);
    will_return(__wrap_cJSON_AddItemToArray, true);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding references data
    will_return(__wrap_cJSON_CreateArray, j_advisories);
    expect_string(__wrap_cJSON_CreateString, string, "http://rhn.redhat.com/errata/RHSA-2016-2582.html");
    will_return(__wrap_cJSON_CreateString, NULL);
    expect_function_call(__wrap_cJSON_AddItemToArray);
    will_return(__wrap_cJSON_AddItemToArray, true);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_string(__wrap_cJSON_AddStringToObject, name, "assigner");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->assigner);
    expect_string(__wrap_cJSON_AddStringToObject, name, "cve_version");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->cve_version);
    will_return(__wrap_cJSON_PrintUnformatted, json_text);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5467): Agent '001' is vulnerable to 'CVE-2016-6489'. Condition: 'Package less than 4.3-2'");

    expect_string(__wrap_SendMSG, message, "1:vulnerability-detector:{\"title\": \"vulnerability detector alert json\"}");
    expect_string(__wrap_SendMSG, locmsg, "[001] (Ubuntu_WAgent) 192.168.0.125");
    expect_value(__wrap_SendMSG, loc, SECURE_MQ);
    will_return(__wrap_SendMSG, OS_SUCCESS);

    expect_function_call(__wrap_cJSON_Delete);

    int retval = wm_vuldet_send_cve_report(report);

    assert_int_equal(retval, OS_SUCCESS);
}

void test_wm_vuldet_send_cve_report_without_condition(void **state)
{
    vu_report* report = state[REPORT_CVE_REPORT_POS];

    if (OS_INVALID == build_test_cve_report(report, 1, 0, 1, 1))
        return;

    cJSON* alert = (cJSON *)1;
    cJSON* alert_cve = (cJSON *)1;
    cJSON* j_package = (cJSON *)1;
    cJSON* j_cvss = (cJSON *)1;
    cJSON* j_cvss_node = (cJSON *)1;
    cJSON* cvss_json = (cJSON *)1;
    cJSON* j_advisories = (cJSON *)1;

    char *json_text = NULL;
    os_strdup("{\"title\": \"vulnerability detector alert json\"}", json_text);

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, alert);
    will_return(__wrap_cJSON_CreateObject, alert_cve);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding package information
    will_return(__wrap_cJSON_CreateObject, j_package);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_string(__wrap_cJSON_AddStringToObject, name, "name");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->software);
    expect_string(__wrap_cJSON_AddStringToObject, name, "source");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->source);
    expect_string(__wrap_cJSON_AddStringToObject, name, "version");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->version);
    expect_string(__wrap_cJSON_AddStringToObject, name, "generated_cpe");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->generated_cpe);
    expect_string(__wrap_cJSON_AddStringToObject, name, "architecture");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->arch);
    expect_string(__wrap_cJSON_AddStringToObject, name, "condition");
    expect_string(__wrap_cJSON_AddStringToObject, string, "Package CVE-2016-6489 reports as vulnerable all the versions of this package 4.3-2");
    // Adding cvss information
    will_return(__wrap_cJSON_CreateObject, j_cvss);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, j_cvss_node);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "attack_vector");
    expect_string(__wrap_cJSON_AddStringToObject, string, "network");
    expect_string(__wrap_cJSON_AddStringToObject, name, "access_complexity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "medium");
    expect_string(__wrap_cJSON_AddStringToObject, name, "authentication");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "complete");
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 7.1);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 8.6);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 6.9);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, j_cvss_node);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "attack_vector");
    expect_string(__wrap_cJSON_AddStringToObject, string, "network");
    expect_string(__wrap_cJSON_AddStringToObject, name, "access_complexity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");
    expect_string(__wrap_cJSON_AddStringToObject, name, "privileges_required");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "user_interaction");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "scope");
    expect_string(__wrap_cJSON_AddStringToObject, string, "unchanged");
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 5.9);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 2.2);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 3.6);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding CVE information
    expect_string(__wrap_cJSON_AddStringToObject, name, "cve");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->cve);
    expect_string(__wrap_cJSON_AddStringToObject, name, "title");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->title);
    expect_string(__wrap_cJSON_AddStringToObject, name, "rationale");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->rationale);
    expect_string(__wrap_cJSON_AddStringToObject, name, "severity");
    expect_string(__wrap_cJSON_AddStringToObject, string, vu_severities[VU_HIGH]);

    // Normalize date
    char * published;
    os_calloc(21, sizeof(char), published);
    snprintf(published, 21, "%s", "2020-03-05T15:15:00Z");
    expect_string(__wrap_wstr_replace, string, "2020-03-05T15:15:00Z");
    expect_string(__wrap_wstr_replace, search, "/");
    expect_string(__wrap_wstr_replace, replace, "-");
    will_return(__wrap_wstr_replace, published);

    expect_string(__wrap_cJSON_AddStringToObject, name, "published");
    expect_string(__wrap_cJSON_AddStringToObject, string, "2020-03-05T15:15:00Z");

    char * updated;
    os_calloc(21, sizeof(char), updated);
    snprintf(updated, 21, "%s", "2020-05-25T15:15:00Z");
    expect_string(__wrap_wstr_replace, string, "2020-05-25T15:15:00Z");
    expect_string(__wrap_wstr_replace, search, "/");
    expect_string(__wrap_wstr_replace, replace, "-");
    will_return(__wrap_wstr_replace, updated);

    expect_string(__wrap_cJSON_AddStringToObject, name, "updated");
    expect_string(__wrap_cJSON_AddStringToObject, string, "2020-05-25T15:15:00Z");

    expect_string(__wrap_cJSON_AddStringToObject, name, "cwe_reference");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->cwe);
    // Adding advisories data
    will_return(__wrap_cJSON_CreateArray, j_advisories);
    expect_string(__wrap_cJSON_CreateString, string, "RHSA-2020:0975");
    will_return(__wrap_cJSON_CreateString, NULL);
    expect_function_call(__wrap_cJSON_AddItemToArray);
    will_return(__wrap_cJSON_AddItemToArray, true);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding bugzilla references data
    will_return(__wrap_cJSON_CreateArray, j_advisories);
    expect_string(__wrap_cJSON_CreateString, string, "http://rhn.redhat.org/cgi-bin/bugreport.cgi?bug=925286");
    will_return(__wrap_cJSON_CreateString, NULL);
    expect_function_call(__wrap_cJSON_AddItemToArray);
    will_return(__wrap_cJSON_AddItemToArray, true);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding references data
    will_return(__wrap_cJSON_CreateArray, j_advisories);
    expect_string(__wrap_cJSON_CreateString, string, "http://rhn.redhat.com/errata/RHSA-2016-2582.html");
    will_return(__wrap_cJSON_CreateString, NULL);
    expect_function_call(__wrap_cJSON_AddItemToArray);
    will_return(__wrap_cJSON_AddItemToArray, true);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_string(__wrap_cJSON_AddStringToObject, name, "assigner");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->assigner);
    expect_string(__wrap_cJSON_AddStringToObject, name, "cve_version");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->cve_version);
    will_return(__wrap_cJSON_PrintUnformatted, json_text);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5467): Agent '001' is vulnerable to 'CVE-2016-6489'. Condition: 'Package CVE-2016-6489 reports as vulnerable all the versions of this package 4.3-2'");

    expect_string(__wrap_SendMSG, message, "1:vulnerability-detector:{\"title\": \"vulnerability detector alert json\"}");
    expect_string(__wrap_SendMSG, locmsg, "[001] (Ubuntu_WAgent) 192.168.0.125");
    expect_value(__wrap_SendMSG, loc, SECURE_MQ);
    will_return(__wrap_SendMSG, OS_SUCCESS);

    expect_function_call(__wrap_cJSON_Delete);

    int retval = wm_vuldet_send_cve_report(report);

    assert_int_equal(retval, OS_SUCCESS);
}

void test_wm_vuldet_send_cve_report_without_ip(void **state)
{
    vu_report* report = state[REPORT_CVE_REPORT_POS];

    if (OS_INVALID == build_test_cve_report(report, 1, 1, 0, 1))
        return;

    cJSON* alert = (cJSON *)1;
    cJSON* alert_cve = (cJSON *)1;
    cJSON* j_package = (cJSON *)1;
    cJSON* j_cvss = (cJSON *)1;
    cJSON* j_cvss_node = (cJSON *)1;
    cJSON* cvss_json = (cJSON *)1;
    cJSON* j_advisories = (cJSON *)1;

    char *json_text = NULL;
    os_strdup("{\"title\": \"vulnerability detector alert json\"}", json_text);

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, alert);
    will_return(__wrap_cJSON_CreateObject, alert_cve);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding package information
    will_return(__wrap_cJSON_CreateObject, j_package);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_string(__wrap_cJSON_AddStringToObject, name, "name");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->software);
    expect_string(__wrap_cJSON_AddStringToObject, name, "source");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->source);
    expect_string(__wrap_cJSON_AddStringToObject, name, "version");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->version);
    expect_string(__wrap_cJSON_AddStringToObject, name, "generated_cpe");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->generated_cpe);
    expect_string(__wrap_cJSON_AddStringToObject, name, "architecture");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->arch);
    expect_string(__wrap_cJSON_AddStringToObject, name, "condition");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->condition);
    // Adding cvss information
    will_return(__wrap_cJSON_CreateObject, j_cvss);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, j_cvss_node);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "attack_vector");
    expect_string(__wrap_cJSON_AddStringToObject, string, "network");
    expect_string(__wrap_cJSON_AddStringToObject, name, "access_complexity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "medium");
    expect_string(__wrap_cJSON_AddStringToObject, name, "authentication");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "complete");
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 7.1);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 8.6);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 6.9);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, j_cvss_node);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "attack_vector");
    expect_string(__wrap_cJSON_AddStringToObject, string, "network");
    expect_string(__wrap_cJSON_AddStringToObject, name, "access_complexity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");
    expect_string(__wrap_cJSON_AddStringToObject, name, "privileges_required");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "user_interaction");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "scope");
    expect_string(__wrap_cJSON_AddStringToObject, string, "unchanged");
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 5.9);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 2.2);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 3.6);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding CVE information
    expect_string(__wrap_cJSON_AddStringToObject, name, "cve");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->cve);
    expect_string(__wrap_cJSON_AddStringToObject, name, "title");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->title);
    expect_string(__wrap_cJSON_AddStringToObject, name, "rationale");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->rationale);
    expect_string(__wrap_cJSON_AddStringToObject, name, "severity");
    expect_string(__wrap_cJSON_AddStringToObject, string, vu_severities[VU_HIGH]);

    // Normalize date
    char * published;
    os_calloc(21, sizeof(char), published);
    snprintf(published, 21, "%s", "2020-03-05T15:15:00Z");
    expect_string(__wrap_wstr_replace, string, "2020-03-05T15:15:00Z");
    expect_string(__wrap_wstr_replace, search, "/");
    expect_string(__wrap_wstr_replace, replace, "-");
    will_return(__wrap_wstr_replace, published);

    expect_string(__wrap_cJSON_AddStringToObject, name, "published");
    expect_string(__wrap_cJSON_AddStringToObject, string, "2020-03-05T15:15:00Z");

    char * updated;
    os_calloc(21, sizeof(char), updated);
    snprintf(updated, 21, "%s", "2020-05-25T15:15:00Z");
    expect_string(__wrap_wstr_replace, string, "2020-05-25T15:15:00Z");
    expect_string(__wrap_wstr_replace, search, "/");
    expect_string(__wrap_wstr_replace, replace, "-");
    will_return(__wrap_wstr_replace, updated);

    expect_string(__wrap_cJSON_AddStringToObject, name, "updated");
    expect_string(__wrap_cJSON_AddStringToObject, string, "2020-05-25T15:15:00Z");

    expect_string(__wrap_cJSON_AddStringToObject, name, "cwe_reference");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->cwe);
    // Adding advisories data
    will_return(__wrap_cJSON_CreateArray, j_advisories);
    expect_string(__wrap_cJSON_CreateString, string, "RHSA-2020:0975");
    will_return(__wrap_cJSON_CreateString, NULL);
    expect_function_call(__wrap_cJSON_AddItemToArray);
    will_return(__wrap_cJSON_AddItemToArray, true);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding bugzilla references data
    will_return(__wrap_cJSON_CreateArray, j_advisories);
    expect_string(__wrap_cJSON_CreateString, string, "http://rhn.redhat.org/cgi-bin/bugreport.cgi?bug=925286");
    will_return(__wrap_cJSON_CreateString, NULL);
    expect_function_call(__wrap_cJSON_AddItemToArray);
    will_return(__wrap_cJSON_AddItemToArray, true);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding references data
    will_return(__wrap_cJSON_CreateArray, j_advisories);
    expect_string(__wrap_cJSON_CreateString, string, "http://rhn.redhat.com/errata/RHSA-2016-2582.html");
    will_return(__wrap_cJSON_CreateString, NULL);
    expect_function_call(__wrap_cJSON_AddItemToArray);
    will_return(__wrap_cJSON_AddItemToArray, true);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_string(__wrap_cJSON_AddStringToObject, name, "assigner");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->assigner);
    expect_string(__wrap_cJSON_AddStringToObject, name, "cve_version");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->cve_version);
    will_return(__wrap_cJSON_PrintUnformatted, json_text);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5467): Agent '001' is vulnerable to 'CVE-2016-6489'. Condition: 'Package less than 4.3-2'");

    expect_string(__wrap_SendMSG, message, "{\"title\": \"vulnerability detector alert json\"}");
    expect_string(__wrap_SendMSG, locmsg, "vulnerability-detector");
    expect_value(__wrap_SendMSG, loc, LOCALFILE_MQ);
    will_return(__wrap_SendMSG, OS_SUCCESS);

    expect_function_call(__wrap_cJSON_Delete);

    int retval = wm_vuldet_send_cve_report(report);

    assert_int_equal(retval, OS_SUCCESS);
}

void test_wm_vuldet_send_cve_report_without_hotfix(void **state)
{
    vu_report* report = state[REPORT_CVE_REPORT_POS];

    if (OS_INVALID == build_test_cve_report(report, 1, 1, 1, 0))
        return;

    cJSON* alert = (cJSON *)1;
    cJSON* alert_cve = (cJSON *)1;
    cJSON* j_package = (cJSON *)1;
    cJSON* j_cvss = (cJSON *)1;
    cJSON* j_cvss_node = (cJSON *)1;
    cJSON* cvss_json = (cJSON *)1;
    cJSON* j_advisories = (cJSON *)1;

    char *json_text = NULL;
    os_strdup("{\"title\": \"vulnerability detector alert json\"}", json_text);

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, alert);
    will_return(__wrap_cJSON_CreateObject, alert_cve);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding package information
    will_return(__wrap_cJSON_CreateObject, j_package);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_string(__wrap_cJSON_AddStringToObject, name, "name");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->software);
    expect_string(__wrap_cJSON_AddStringToObject, name, "source");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->source);
    expect_string(__wrap_cJSON_AddStringToObject, name, "version");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->version);
    expect_string(__wrap_cJSON_AddStringToObject, name, "generated_cpe");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->generated_cpe);
    expect_string(__wrap_cJSON_AddStringToObject, name, "architecture");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->arch);
    expect_string(__wrap_cJSON_AddStringToObject, name, "condition");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->condition);
    // Adding cvss information
    will_return(__wrap_cJSON_CreateObject, j_cvss);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, j_cvss_node);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "attack_vector");
    expect_string(__wrap_cJSON_AddStringToObject, string, "network");
    expect_string(__wrap_cJSON_AddStringToObject, name, "access_complexity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "medium");
    expect_string(__wrap_cJSON_AddStringToObject, name, "authentication");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "complete");
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 7.1);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 8.6);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 6.9);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, j_cvss_node);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "attack_vector");
    expect_string(__wrap_cJSON_AddStringToObject, string, "network");
    expect_string(__wrap_cJSON_AddStringToObject, name, "access_complexity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");
    expect_string(__wrap_cJSON_AddStringToObject, name, "privileges_required");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "user_interaction");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "scope");
    expect_string(__wrap_cJSON_AddStringToObject, string, "unchanged");
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 5.9);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 2.2);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 3.6);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding CVE information
    expect_string(__wrap_cJSON_AddStringToObject, name, "cve");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->cve);
    expect_string(__wrap_cJSON_AddStringToObject, name, "title");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->title);
    expect_string(__wrap_cJSON_AddStringToObject, name, "rationale");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->rationale);
    expect_string(__wrap_cJSON_AddStringToObject, name, "severity");
    expect_string(__wrap_cJSON_AddStringToObject, string, vu_severities[VU_HIGH]);

    // Normalize date
    char * published;
    os_calloc(21, sizeof(char), published);
    snprintf(published, 21, "%s", "2020-03-05T15:15:00Z");
    expect_string(__wrap_wstr_replace, string, "2020-03-05T15:15:00Z");
    expect_string(__wrap_wstr_replace, search, "/");
    expect_string(__wrap_wstr_replace, replace, "-");
    will_return(__wrap_wstr_replace, published);

    expect_string(__wrap_cJSON_AddStringToObject, name, "published");
    expect_string(__wrap_cJSON_AddStringToObject, string, "2020-03-05T15:15:00Z");

    char * updated;
    os_calloc(21, sizeof(char), updated);
    snprintf(updated, 21, "%s", "2020-05-25T15:15:00Z");
    expect_string(__wrap_wstr_replace, string, "2020-05-25T15:15:00Z");
    expect_string(__wrap_wstr_replace, search, "/");
    expect_string(__wrap_wstr_replace, replace, "-");
    will_return(__wrap_wstr_replace, updated);

    expect_string(__wrap_cJSON_AddStringToObject, name, "updated");
    expect_string(__wrap_cJSON_AddStringToObject, string, "2020-05-25T15:15:00Z");

    expect_string(__wrap_cJSON_AddStringToObject, name, "cwe_reference");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->cwe);
    // Adding advisories data
    will_return(__wrap_cJSON_CreateArray, j_advisories);
    expect_string(__wrap_cJSON_CreateString, string, "RHSA-2020:0975");
    will_return(__wrap_cJSON_CreateString, NULL);
    expect_function_call(__wrap_cJSON_AddItemToArray);
    will_return(__wrap_cJSON_AddItemToArray, true);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding bugzilla references data
    will_return(__wrap_cJSON_CreateArray, j_advisories);
    expect_string(__wrap_cJSON_CreateString, string, "http://rhn.redhat.org/cgi-bin/bugreport.cgi?bug=925286");
    will_return(__wrap_cJSON_CreateString, NULL);
    expect_function_call(__wrap_cJSON_AddItemToArray);
    will_return(__wrap_cJSON_AddItemToArray, true);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding references data
    will_return(__wrap_cJSON_CreateArray, j_advisories);
    expect_string(__wrap_cJSON_CreateString, string, "http://rhn.redhat.com/errata/RHSA-2016-2582.html");
    will_return(__wrap_cJSON_CreateString, NULL);
    expect_function_call(__wrap_cJSON_AddItemToArray);
    will_return(__wrap_cJSON_AddItemToArray, true);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_string(__wrap_cJSON_AddStringToObject, name, "assigner");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->assigner);
    expect_string(__wrap_cJSON_AddStringToObject, name, "cve_version");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->cve_version);
    will_return(__wrap_cJSON_PrintUnformatted, json_text);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5468): The 'libhogweed4' package (3.4-1) from agent '001' is vulnerable to 'CVE-2016-6489'. Condition: 'Package less than 4.3-2'");

    expect_string(__wrap_SendMSG, message, "1:vulnerability-detector:{\"title\": \"vulnerability detector alert json\"}");
    expect_string(__wrap_SendMSG, locmsg, "[001] (Ubuntu_WAgent) 192.168.0.125");
    expect_value(__wrap_SendMSG, loc, SECURE_MQ);
    will_return(__wrap_SendMSG, OS_SUCCESS);

    expect_function_call(__wrap_cJSON_Delete);

    int retval = wm_vuldet_send_cve_report(report);

    assert_int_equal(retval, OS_SUCCESS);
}

void test_wm_vuldet_send_cve_report_sendmsg_error(void **state)
{
    vu_report* report = state[REPORT_CVE_REPORT_POS];

    if (OS_INVALID == build_test_cve_report(report, 1, 1, 1, 0))
        return;

    cJSON* alert = (cJSON *)1;
    cJSON* alert_cve = (cJSON *)1;
    cJSON* j_package = (cJSON *)1;
    cJSON* j_cvss = (cJSON *)1;
    cJSON* j_cvss_node = (cJSON *)1;
    cJSON* cvss_json = (cJSON *)1;
    cJSON* j_advisories = (cJSON *)1;

    char *json_text = NULL;
    os_strdup("{\"title\": \"vulnerability detector alert json\"}", json_text);

    will_return_always(__wrap_cJSON_AddStringToObject, (cJSON *)1);

    will_return(__wrap_cJSON_CreateObject, alert);
    will_return(__wrap_cJSON_CreateObject, alert_cve);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding package information
    will_return(__wrap_cJSON_CreateObject, j_package);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_string(__wrap_cJSON_AddStringToObject, name, "name");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->software);
    expect_string(__wrap_cJSON_AddStringToObject, name, "source");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->source);
    expect_string(__wrap_cJSON_AddStringToObject, name, "version");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->version);
    expect_string(__wrap_cJSON_AddStringToObject, name, "generated_cpe");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->generated_cpe);
    expect_string(__wrap_cJSON_AddStringToObject, name, "architecture");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->arch);
    expect_string(__wrap_cJSON_AddStringToObject, name, "condition");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->condition);
    // Adding cvss information
    will_return(__wrap_cJSON_CreateObject, j_cvss);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, j_cvss_node);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "attack_vector");
    expect_string(__wrap_cJSON_AddStringToObject, string, "network");
    expect_string(__wrap_cJSON_AddStringToObject, name, "access_complexity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "medium");
    expect_string(__wrap_cJSON_AddStringToObject, name, "authentication");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "complete");
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 7.1);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 8.6);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 6.9);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, j_cvss_node);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    will_return(__wrap_cJSON_CreateObject, cvss_json);
    expect_string(__wrap_cJSON_AddStringToObject, name, "attack_vector");
    expect_string(__wrap_cJSON_AddStringToObject, string, "network");
    expect_string(__wrap_cJSON_AddStringToObject, name, "access_complexity");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");
    expect_string(__wrap_cJSON_AddStringToObject, name, "privileges_required");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "user_interaction");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "scope");
    expect_string(__wrap_cJSON_AddStringToObject, string, "unchanged");
    expect_string(__wrap_cJSON_AddStringToObject, name, "confidentiality_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "integrity_impact");
    expect_string(__wrap_cJSON_AddStringToObject, string, "none");
    expect_string(__wrap_cJSON_AddStringToObject, name, "availability");
    expect_string(__wrap_cJSON_AddStringToObject, string, "high");
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 5.9);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 2.2);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_value(__wrap_cJSON_CreateNumber, num, 3.6);
    will_return(__wrap_cJSON_CreateNumber, NULL);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding CVE information
    expect_string(__wrap_cJSON_AddStringToObject, name, "cve");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->cve);
    expect_string(__wrap_cJSON_AddStringToObject, name, "title");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->title);
    expect_string(__wrap_cJSON_AddStringToObject, name, "rationale");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->rationale);
    expect_string(__wrap_cJSON_AddStringToObject, name, "severity");
    expect_string(__wrap_cJSON_AddStringToObject, string, vu_severities[VU_HIGH]);

    // Normalize date
    char * published;
    os_calloc(21, sizeof(char), published);
    snprintf(published, 21, "%s", "2020-03-05T15:15:00Z");
    expect_string(__wrap_wstr_replace, string, "2020-03-05T15:15:00Z");
    expect_string(__wrap_wstr_replace, search, "/");
    expect_string(__wrap_wstr_replace, replace, "-");
    will_return(__wrap_wstr_replace, published);

    expect_string(__wrap_cJSON_AddStringToObject, name, "published");
    expect_string(__wrap_cJSON_AddStringToObject, string, "2020-03-05T15:15:00Z");

    char * updated;
    os_calloc(21, sizeof(char), updated);
    snprintf(updated, 21, "%s", "2020-05-25T15:15:00Z");
    expect_string(__wrap_wstr_replace, string, "2020-05-25T15:15:00Z");
    expect_string(__wrap_wstr_replace, search, "/");
    expect_string(__wrap_wstr_replace, replace, "-");
    will_return(__wrap_wstr_replace, updated);

    expect_string(__wrap_cJSON_AddStringToObject, name, "updated");
    expect_string(__wrap_cJSON_AddStringToObject, string, "2020-05-25T15:15:00Z");

    expect_string(__wrap_cJSON_AddStringToObject, name, "cwe_reference");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->cwe);
    // Adding advisories data
    will_return(__wrap_cJSON_CreateArray, j_advisories);
    expect_string(__wrap_cJSON_CreateString, string, "RHSA-2020:0975");
    will_return(__wrap_cJSON_CreateString, NULL);
    expect_function_call(__wrap_cJSON_AddItemToArray);
    will_return(__wrap_cJSON_AddItemToArray, true);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding bugzilla references data
    will_return(__wrap_cJSON_CreateArray, j_advisories);
    expect_string(__wrap_cJSON_CreateString, string, "http://rhn.redhat.org/cgi-bin/bugreport.cgi?bug=925286");
    will_return(__wrap_cJSON_CreateString, NULL);
    expect_function_call(__wrap_cJSON_AddItemToArray);
    will_return(__wrap_cJSON_AddItemToArray, true);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    // Adding references data
    will_return(__wrap_cJSON_CreateArray, j_advisories);
    expect_string(__wrap_cJSON_CreateString, string, "http://rhn.redhat.com/errata/RHSA-2016-2582.html");
    will_return(__wrap_cJSON_CreateString, NULL);
    expect_function_call(__wrap_cJSON_AddItemToArray);
    will_return(__wrap_cJSON_AddItemToArray, true);
    expect_function_call(__wrap_cJSON_AddItemToObject);
    will_return(__wrap_cJSON_AddItemToObject, true);
    expect_string(__wrap_cJSON_AddStringToObject, name, "assigner");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->assigner);
    expect_string(__wrap_cJSON_AddStringToObject, name, "cve_version");
    expect_string(__wrap_cJSON_AddStringToObject, string, report->cve_version);
    will_return(__wrap_cJSON_PrintUnformatted, json_text);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5468): The 'libhogweed4' package (3.4-1) from agent '001' is vulnerable to 'CVE-2016-6489'. Condition: 'Package less than 4.3-2'");

    expect_string(__wrap_SendMSG, message, "1:vulnerability-detector:{\"title\": \"vulnerability detector alert json\"}");
    expect_string(__wrap_SendMSG, locmsg, "[001] (Ubuntu_WAgent) 192.168.0.125");
    expect_value(__wrap_SendMSG, loc, SECURE_MQ);
    will_return(__wrap_SendMSG, OS_INVALID);

    char* strerr = NULL;
    os_strdup("Error sending message", strerr);
    will_return(__wrap_strerror, strerr);

    expect_string(__wrap__merror, formatted_msg, "At wm_sendmsg(): Unable to send message to queue: (Error sending message)");

    will_return(__wrap_strerror, strerr);
    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(1210): Queue '/queue/ossec/queue' not accessible: 'Error sending message'");

    expect_string(__wrap_StartMQ, path, DEFAULTQUEUE);
    expect_value(__wrap_StartMQ, type, WRITE);
    will_return(__wrap_StartMQ, -1);

    expect_string(__wrap__mterror_exit, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror_exit, formatted_msg, "(1211): Unable to access queue: '/queue/ossec/queue'. Giving up.");

    expect_function_call(__wrap_cJSON_Delete);

    int retval = wm_vuldet_send_cve_report(report);

    assert_int_equal(retval, OS_SUCCESS);

    os_free(strerr);
}

/* wm_vuldet_extract_advisories */

void test_wm_vuldet_extract_advisories_no_advisories(void **state)
{
    cJSON *advisories = NULL;

    references *refs = wm_vuldet_extract_advisories(advisories);

    assert_null(refs);
}

void test_wm_vuldet_extract_advisories(void **state)
{
    cJSON *advisories = __real_cJSON_CreateObject();
    cJSON *adv1 = __real_cJSON_CreateString("RHSA-2020:0975");
    cJSON *adv2 = __real_cJSON_CreateString("RHSA-2019:0974");
    __real_cJSON_AddItemToObject(advisories, "advisory", adv1);
    __real_cJSON_AddItemToObject(advisories, "advisory", adv2);

    references *refs = wm_vuldet_extract_advisories(advisories->child);

    assert_int_equal(2, refs->elements);
    assert_string_equal("RHSA-2020:0975", refs->values[0]);
    assert_string_equal("RHSA-2019:0974", refs->values[1]);

    free_strarray(refs->values);
    os_free(refs);
    __real_cJSON_Delete(advisories);
}

/* wm_vuldet_build_url */

void test_wm_vuldet_build_url(void **state)
{
    char* tmp_cve = NULL;
    os_strdup("CVE-2016-6489", tmp_cve);

    char* tmp_url = wm_vuldet_build_url(VU_BUILD_REF_CVE_RH, tmp_cve);

    assert_string_equal("https://access.redhat.com/security/cve/CVE-2016-6489", tmp_url);

    os_free(tmp_cve);
    os_free(tmp_url);
}

/* wm_vuldet_compare_pkg */

void test_wm_vuldet_compare_pkg_equal_id(void **state)
{
    cve_vuln_pkg *Pkg1 = state[PKG1_POS];
    cve_vuln_pkg *Pkg2 = state[PKG2_POS];

    Pkg1->nvd_cond->id = 1; // just a dummy ID
    Pkg2->nvd_cond->id = 1;

    int res = wm_vuldet_compare_pkg(Pkg1, Pkg2);

    assert_int_equal(res, 0);
}

void test_wm_vuldet_compare_pkg_different_id(void **state)
{
    cve_vuln_pkg *Pkg1 = state[PKG1_POS];
    cve_vuln_pkg *Pkg2 = state[PKG2_POS];

    Pkg1->nvd_cond->id = 1; // just a dummy ID
    Pkg2->nvd_cond->id = 2;

    int res = wm_vuldet_compare_pkg(Pkg1, Pkg2);

    assert_int_equal(res, -1);
}

void test_wm_vuldet_compare_pkg_equal_arch(void **state)
{
    cve_vuln_pkg *Pkg1 = state[PKG1_POS];
    cve_vuln_pkg *Pkg2 = state[PKG2_POS];

    os_strdup("x86", Pkg1->arch);
    os_strdup("x86", Pkg2->arch);

    int res = wm_vuldet_compare_pkg(Pkg1, Pkg2);

    assert_int_equal(res, 0);
}

void test_wm_vuldet_compare_pkg_different_arch(void **state)
{
    cve_vuln_pkg *Pkg1 = state[PKG1_POS];
    cve_vuln_pkg *Pkg2 = state[PKG2_POS];

    os_strdup("x86", Pkg1->arch);
    os_strdup("x64", Pkg2->arch);

    int res = wm_vuldet_compare_pkg(Pkg1, Pkg2);

    assert_int_equal(res, -1);
}

void test_wm_vuldet_compare_pkg_equal_version(void **state)
{
    cve_vuln_pkg *Pkg1 = state[PKG1_POS];
    cve_vuln_pkg *Pkg2 = state[PKG2_POS];

    os_strdup("1.1.1", Pkg1->version);
    os_strdup("1.1.1", Pkg2->version);

    int res = wm_vuldet_compare_pkg(Pkg1, Pkg2);

    assert_int_equal(res, 0);
}

void test_wm_vuldet_compare_pkg_different_version(void **state)
{
    cve_vuln_pkg *Pkg1 = state[PKG1_POS];
    cve_vuln_pkg *Pkg2 = state[PKG2_POS];

    os_strdup("1.1.1", Pkg1->version);
    os_strdup("1.1.2", Pkg2->version);

    int res = wm_vuldet_compare_pkg(Pkg1, Pkg2);

    assert_int_equal(res, -1);
}

void test_wm_vuldet_compare_pkg_equal_bin_name(void **state)
{
    cve_vuln_pkg *Pkg1 = state[PKG1_POS];
    cve_vuln_pkg *Pkg2 = state[PKG2_POS];

    os_strdup("bin_name1", Pkg1->bin_name);
    os_strdup("bin_name1", Pkg2->bin_name);

    int res = wm_vuldet_compare_pkg(Pkg1, Pkg2);

    assert_int_equal(res, 0);
}

void test_wm_vuldet_compare_pkg_different_bin_name(void **state)
{
    cve_vuln_pkg *Pkg1 = state[PKG1_POS];
    cve_vuln_pkg *Pkg2 = state[PKG2_POS];

    os_strdup("bin_name1", Pkg1->bin_name);
    os_strdup("bin_name2", Pkg2->bin_name);

    int res = wm_vuldet_compare_pkg(Pkg1, Pkg2);

    assert_int_equal(res, -1);
}

void test_wm_vuldet_compare_pkg_equal_src_name(void **state)
{
    cve_vuln_pkg *Pkg1 = state[PKG1_POS];
    cve_vuln_pkg *Pkg2 = state[PKG2_POS];

    os_strdup("src_name1", Pkg1->src_name);
    os_strdup("src_name1", Pkg2->src_name);

    int res = wm_vuldet_compare_pkg(Pkg1, Pkg2);

    assert_int_equal(res, 0);
}

void test_wm_vuldet_compare_pkg_different_src_name(void **state)
{
    cve_vuln_pkg *Pkg1 = state[PKG1_POS];
    cve_vuln_pkg *Pkg2 = state[PKG2_POS];

    os_strdup("src_name1", Pkg1->src_name);
    os_strdup("src_name2", Pkg2->src_name);

    int res = wm_vuldet_compare_pkg(Pkg1, Pkg2);

    assert_int_equal(res, -1);
}

void test_wm_vuldet_compare_pkg_equal_vendor(void **state)
{
    cve_vuln_pkg *Pkg1 = state[PKG1_POS];
    cve_vuln_pkg *Pkg2 = state[PKG2_POS];

    os_strdup("vendor1", Pkg1->vendor);
    os_strdup("vendor1", Pkg2->vendor);

    int res = wm_vuldet_compare_pkg(Pkg1, Pkg2);

    assert_int_equal(res, 0);
}

void test_wm_vuldet_compare_pkg_different_vendor(void **state)
{
    cve_vuln_pkg *Pkg1 = state[PKG1_POS];
    cve_vuln_pkg *Pkg2 = state[PKG2_POS];

    os_strdup("vendor1", Pkg1->vendor);
    os_strdup("vendor2", Pkg2->vendor);

    int res = wm_vuldet_compare_pkg(Pkg1, Pkg2);

    assert_int_equal(res, -1);
}

void test_wm_vuldet_add_cve_node_add_error(void **state)
{
    cve_vuln_pkg *newPkg = state[PKG1_POS];

    char *cve = NULL;
    os_strdup("CVE-2016-6489", cve);

    OSHash *cve_table = (OSHash *)1;

    expect_string(__wrap_OSHash_Add, key, "CVE-2016-6489");
    will_return(__wrap_OSHash_Add, 0);

    int ret = wm_vuldet_add_cve_node(newPkg, cve, cve_table);

    assert_int_equal(OS_INVALID, ret);

    os_free(cve);
}

void test_wm_vuldet_add_cve_node_get_error(void **state)
{
    cve_vuln_pkg *Pkg = state[PKG1_POS];
    cve_vuln_pkg *newPkg = state[PKG2_POS];

    char *cve = NULL;
    os_strdup("CVE-2016-6489", cve);

    OSHash *cve_table = (OSHash *)1;

    expect_string(__wrap_OSHash_Add, key, "CVE-2016-6489");
    will_return(__wrap_OSHash_Add, 1);

    expect_value(__wrap_OSHash_Get, self, cve_table);
    expect_string(__wrap_OSHash_Get, key, "CVE-2016-6489");
    will_return(__wrap_OSHash_Get, NULL);

    int ret = wm_vuldet_add_cve_node(newPkg, cve, cve_table);

    assert_int_equal(OS_INVALID, ret);

    os_free(cve);
}

void test_wm_vuldet_add_cve_node(void **state)
{
    cve_vuln_pkg *Pkg = state[PKG1_POS];
    cve_vuln_pkg *newPkg = state[PKG2_POS];

    os_strdup("src_name1", Pkg->src_name);
    os_strdup("src_name1", newPkg->src_name);

    // Deleting the nvd_cond and vuln_cond from Pkg to
    // force the creation and copy within the function
    os_free(Pkg->nvd_cond);
    os_free(Pkg->vuln_cond);

    os_strdup("1.1.2", newPkg->nvd_cond->start_version);
    os_strdup("5.5.2", newPkg->nvd_cond->end_version);
    os_strdup("AND", newPkg->nvd_cond->operator);
    os_strdup("fixed", newPkg->vuln_cond->state);
    os_strdup("less than", newPkg->vuln_cond->operation);
    os_strdup("5.5.2", newPkg->vuln_cond->operation_value);
    os_strdup("Package less than 5.5.2", newPkg->vuln_cond->condition);

    char *cve = NULL;
    os_strdup("CVE-2016-6489", cve);

    OSHash *cve_table = (OSHash *)1;

    expect_string(__wrap_OSHash_Add, key, "CVE-2016-6489");
    will_return(__wrap_OSHash_Add, 1);

    expect_value(__wrap_OSHash_Get, self, cve_table);
    expect_string(__wrap_OSHash_Get, key, "CVE-2016-6489");
    will_return(__wrap_OSHash_Get, Pkg);

    int ret = wm_vuldet_add_cve_node(newPkg, cve, cve_table);

    assert_int_equal(ret, 1);

    os_free(cve);
}

void test_wm_vuldet_add_cve_node_not_found(void **state)
{
    cve_vuln_pkg *Pkg = state[PKG1_POS];
    cve_vuln_pkg *newPkg = state[PKG2_POS];

    os_strdup("src_name1", Pkg->src_name);
    os_strdup("src_name2", newPkg->src_name);

    char *cve = NULL;
    os_strdup("CVE-2016-6489", cve);

    OSHash *cve_table = (OSHash *)1;

    expect_string(__wrap_OSHash_Add, key, "CVE-2016-6489");
    will_return(__wrap_OSHash_Add, 1);

    expect_value(__wrap_OSHash_Get, self, cve_table);
    expect_string(__wrap_OSHash_Get, key, "CVE-2016-6489");
    will_return(__wrap_OSHash_Get, Pkg);

    int ret = wm_vuldet_add_cve_node(newPkg, cve, cve_table);

    assert_int_equal(ret, 0);

    // Within the function, the newPkg was assigned as the next package
    // of Pkg. If we left the structure in this state, it will happen a
    // double-free during the teardown. So, cleaning the reference from next.
    Pkg->next = NULL;
    os_free(cve);
}

/*
* NOTE: This test case was designed just to exercise the cve node
*       memory release. But the verification was made by using valgrind
*       to see that there is not memory not being released.
*       We did it in this way because there is not an efective way
*       to verify from the code that a memory address saved in a pointer
*       variable is alredy released.
*/
void test_wm_vuldet_free_cve_node(void **state)
{
    cve_vuln_pkg *pkg = NULL;
    os_calloc(1, sizeof(cve_vuln_pkg), pkg);

    cve_vuln_pkg *next_pkg = NULL;
    os_calloc(1, sizeof(cve_vuln_pkg), next_pkg);

    cve_vuln_cond_NVD* nvd_cond1 = NULL;
    os_calloc(1, sizeof(cve_vuln_cond_NVD), nvd_cond1);

    cve_vuln_cond_NVD* nvd_cond2 = NULL;
    os_calloc(1, sizeof(cve_vuln_cond_NVD), nvd_cond2);

    cve_vuln_cond* vuln_cond1 = NULL;
    os_calloc(1, sizeof(cve_vuln_cond), vuln_cond1);

    cve_vuln_cond* vuln_cond2 = NULL;
    os_calloc(1, sizeof(cve_vuln_cond), vuln_cond2);

    if (!pkg || !next_pkg || !nvd_cond1 || !nvd_cond2 || !vuln_cond1 || !vuln_cond2) {
        os_free(vuln_cond1);
        os_free(vuln_cond2);
        os_free(nvd_cond1);
        os_free(nvd_cond2);
        os_free(pkg);
        os_free(next_pkg);
        return;
    }

    pkg->nvd_cond = nvd_cond1;
    pkg->vuln_cond = vuln_cond1;

    os_strdup("src_name1", pkg->src_name);
    os_strdup("bin_name1", pkg->bin_name);
    os_strdup("x64", pkg->arch);
    os_strdup("1:1.2.3-4.5.6", pkg->version);
    os_strdup("1:1.2.3-4.5.5", pkg->nvd_cond->start_version);
    os_strdup("1:1.2.3-4.5.7", pkg->nvd_cond->end_version);
    os_strdup("AND", pkg->nvd_cond->operator);
    os_strdup("fixed", pkg->vuln_cond->state);
    os_strdup("less than", pkg->vuln_cond->operation);
    os_strdup("1:1.2.3-4.5.7", pkg->vuln_cond->operation_value);
    os_strdup("Package less than 1:1.2.3-4.5.7", pkg->vuln_cond->condition);

    pkg->next = next_pkg;
    next_pkg->nvd_cond = nvd_cond2;
    next_pkg->vuln_cond = vuln_cond2;

    os_strdup("src_name1", next_pkg->src_name);
    os_strdup("bin_name1", next_pkg->bin_name);
    os_strdup("x64", next_pkg->arch);
    os_strdup("1:1.2.3-4.5.6", next_pkg->version);
    os_strdup("1:1.2.3-4.5.5", next_pkg->nvd_cond->start_version);
    os_strdup("1:1.2.3-4.5.7", next_pkg->nvd_cond->end_version);
    os_strdup("AND", next_pkg->nvd_cond->operator);
    os_strdup("fixed", next_pkg->vuln_cond->state);
    os_strdup("less than", next_pkg->vuln_cond->operation);
    os_strdup("1:1.2.3-4.5.7", next_pkg->vuln_cond->operation_value);
    os_strdup("Package less than 1:1.2.3-4.5.7", next_pkg->vuln_cond->condition);

    wm_vuldet_free_cve_node(pkg);

    pkg = NULL;
    next_pkg = NULL;
}

/* wm_vuldet_report_agent_vulnerabilities */

void test_wm_vuldet_report_agent_vulnerabilities_agent_info_NULL(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = (OSHash *)1;

    int ret = wm_vuldet_report_agent_vulnerabilities(db, agent, NULL);
    assert_int_equal(ret, 0);

}

void test_wm_vuldet_report_agent_vulnerabilities_agent_windows_error(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = (OSHash *)1;

    agent->info = 'T';
    agent->dist = FEED_WIN;
    will_return(__wrap_wm_vuldet_win_nvd_vulnerabilities, -1);

    int ret = wm_vuldet_report_agent_vulnerabilities(db, agent, NULL);
    assert_int_equal(ret, -1);

}

void test_wm_vuldet_report_agent_vulnerabilities_agent_windows_OK(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = (OSHash *)1;

    agent->info = 'T';
    agent->dist = FEED_WIN;
    will_return(__wrap_wm_vuldet_win_nvd_vulnerabilities, 0);

    int ret = wm_vuldet_report_agent_vulnerabilities(db, agent, NULL);
    assert_int_equal(ret, 0);

}

void test_wm_vuldet_report_agent_vulnerabilities_agent_linux_create_hash_error(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = NULL;

    agent->info = 'T';
    agent->dist = FEED_CANONICAL;

    expect_function_call(__wrap_OSHash_Create);
    will_return(__wrap_OSHash_Create, 0);

    expect_string(__wrap__merror, formatted_msg, "(1290): Unable to create a new list (calloc).");

    int ret = wm_vuldet_report_agent_vulnerabilities(db, agent, NULL);
    assert_int_equal(ret, -1);

}

void test_wm_vuldet_report_agent_vulnerabilities_agent_linux_setSize_hash_error(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = NULL;

    agent->info = 'T';
    agent->dist = FEED_CANONICAL;

    expect_function_call(__wrap_OSHash_Create);
    will_return(__wrap_OSHash_Create, 1);
    will_return(__wrap_OSHash_setSize, 0);

    will_return(__wrap_OSHash_Clean, NULL);

    expect_string(__wrap__merror, formatted_msg, "(1290): Unable to create a new list (calloc).");

    int ret = wm_vuldet_report_agent_vulnerabilities(db, agent, NULL);
    assert_int_equal(ret, -1);

}

void test_wm_vuldet_report_agent_vulnerabilities_agent_linux_oval_vulnerabilities_error(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = (OSHash *)1;

    agent->info = 'T';
    agent->dist = FEED_CANONICAL;

    expect_function_call(__wrap_OSHash_Create);
    will_return(__wrap_OSHash_Create, cve_table);
    will_return(__wrap_OSHash_setSize, cve_table);

    //test_wm_vuldet_linux_oval_vulnerabilities_error_prepare()
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5456): Analyzing OVAL vulnerabilities for agent '000'");

    will_return(__wrap_time, (time_t)1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "2020");

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5569): Couldn't get the packages of the agent '000'");

    will_return(__wrap_sqlite3_errmsg, "error");

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");

    will_return(__wrap_sqlite3_close_v2, SQLITE_OK);

    will_return(__wrap_OSHash_Clean, 0);

    int ret = wm_vuldet_report_agent_vulnerabilities(db, agent, NULL);
    assert_int_equal(ret, -1);

}

void test_wm_vuldet_report_agent_vulnerabilities_agent_linux_nvd_vulnerabilities_error(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = (OSHash *)1;

    agent->info = 'T';
    agent->dist = FEED_DEBIAN;
    agent->dist_ver = FEED_BUSTER;

    expect_function_call(__wrap_OSHash_Create);
    will_return(__wrap_OSHash_Create, cve_table);
    will_return(__wrap_OSHash_setSize, cve_table);

    //test_wm_vuldet_linux_oval_vulnerabilities_one_row_no_data()
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5456): Analyzing OVAL vulnerabilities for agent '000'");

    will_return(__wrap_time, (time_t)1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "2020");

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);
    // building query
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "BUSTER");
    expect_value(__wrap_sqlite3_bind_int, index, 2);
    expect_value(__wrap_sqlite3_bind_int, value, 0);

    expect_sqlite3_step_call(SQLITE_ROW);

    // By assigning null to some values, the row should be skipped
    // and the code should ask for a new row
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "source");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "less than");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "5.4.3");
    expect_value(__wrap_sqlite3_column_text, iCol, 7);
    will_return(__wrap_sqlite3_column_text, "10");
    expect_value(__wrap_sqlite3_column_text, iCol, 8);
    will_return(__wrap_sqlite3_column_text, NULL);

    expect_sqlite3_step_call(SQLITE_DONE);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5457): The OVAL found a total of '0' potential vulnerabilities for agent '000'");
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    will_return(__wrap_time, (time_t)1);
    expect_string(__wrap__mtdebug1, formatted_msg, "(5470): It took '0' seconds to 'find OVAL' vulnerabilities in agent '000'");

    will_return(__wrap_wm_vuldet_linux_nvd_vulnerabilities, -1);

    will_return(__wrap_OSHash_Clean, 0);

    int ret = wm_vuldet_report_agent_vulnerabilities(db, agent, NULL);
    assert_int_equal(ret, -1);

}

void test_wm_vuldet_report_agent_vulnerabilities_agent_linux_rm_false_positivies_error(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = (OSHash *)1;

    OSHashNode* node = NULL;
    os_calloc(1, sizeof(OSHashNode), node);
    if (!node || (OS_INVALID == build_test_hash_node(node, VU_SRC_NVD)))
        return;

    agent->info = 'T';
    agent->dist = FEED_DEBIAN;
    agent->dist_ver = FEED_BUSTER;

    expect_function_call(__wrap_OSHash_Create);
    will_return(__wrap_OSHash_Create, cve_table);
    will_return(__wrap_OSHash_setSize, cve_table);

    //test_wm_vuldet_linux_oval_vulnerabilities_one_row_no_data()
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5456): Analyzing OVAL vulnerabilities for agent '000'");

    will_return(__wrap_time, (time_t)1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "2020");

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);
    // building query
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "BUSTER");
    expect_value(__wrap_sqlite3_bind_int, index, 2);
    expect_value(__wrap_sqlite3_bind_int, value, 0);

    expect_sqlite3_step_call(SQLITE_ROW);

    // By assigning null to some values, the row should be skipped
    // and the code should ask for a new row
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "source");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "less than");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "5.4.3");
    expect_value(__wrap_sqlite3_column_text, iCol, 7);
    will_return(__wrap_sqlite3_column_text, "5.4.2");
    expect_value(__wrap_sqlite3_column_text, iCol, 8);
    will_return(__wrap_sqlite3_column_text, NULL);

    expect_sqlite3_step_call(SQLITE_DONE);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5457): The OVAL found a total of '0' potential vulnerabilities for agent '000'");
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    will_return(__wrap_time, (time_t)1);
    expect_string(__wrap__mtdebug1, formatted_msg, "(5470): It took '0' seconds to 'find OVAL' vulnerabilities in agent '000'");

    will_return(__wrap_wm_vuldet_linux_nvd_vulnerabilities, 0);

    //wm_vuldet_linux_rm_false_positivies that triggers error
    // Initial logs
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5461): Filtering vulnerabilities obtained for agent '000'");

    will_return(__wrap_time, (time_t)1);

    expect_value(__wrap_OSHash_Begin, self, cve_table);
    will_return(__wrap_OSHash_Begin, node);

    // SQLite prepare will fail when removing nvd not affected
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);
    will_return(__wrap_sqlite3_errmsg, "error");

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5573): Couldn't verify if the vulnerability 'CVE-2016-6489' of the package 'libhogweed4' is already patched.");

    will_return(__wrap_sqlite3_close_v2, 0);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");

    will_return(__wrap_OSHash_Clean, 0);

    int ret = wm_vuldet_report_agent_vulnerabilities(db, agent, NULL);
    assert_int_equal(ret, -1);

    wm_vuldet_free_cve_node(node->data);
    os_free(node->key);
    os_free(node);
}

void test_wm_vuldet_report_agent_vulnerabilities_agent_linux_send_agent_report_error(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = (OSHash *)1;

    OSHashNode* node = NULL;
    os_calloc(1, sizeof(OSHashNode), node);
    if (!node || (OS_INVALID == build_test_hash_node(node, VU_SRC_NVD)))
        return;

    wm_vuldet_flags *flags = calloc(1, sizeof(wm_vuldet_flags));
    if(!flags) {
        return;
    }

    agent->info = 'T';
    agent->dist = FEED_DEBIAN;
    agent->dist_ver = FEED_BUSTER;

    expect_function_call(__wrap_OSHash_Create);
    will_return(__wrap_OSHash_Create, cve_table);
    will_return(__wrap_OSHash_setSize, cve_table);

    //test_wm_vuldet_linux_oval_vulnerabilities_one_row_no_data()
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5456): Analyzing OVAL vulnerabilities for agent '000'");

    will_return(__wrap_time, (time_t)1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "2020");

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);
    // building query
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "BUSTER");
    expect_value(__wrap_sqlite3_bind_int, index, 2);
    expect_value(__wrap_sqlite3_bind_int, value, 0);

    expect_sqlite3_step_call(SQLITE_ROW);

    // By assigning null to some values, the row should be skipped
    // and the code should ask for a new row
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "source");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "less than");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "5.4.3");
    expect_value(__wrap_sqlite3_column_text, iCol, 7);
    will_return(__wrap_sqlite3_column_text, "5.4.2");
    expect_value(__wrap_sqlite3_column_text, iCol, 8);
    will_return(__wrap_sqlite3_column_text, NULL);

    expect_sqlite3_step_call(SQLITE_DONE);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5457): The OVAL found a total of '0' potential vulnerabilities for agent '000'");

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    will_return(__wrap_time, (time_t)1);
    expect_string(__wrap__mtdebug1, formatted_msg, "(5470): It took '0' seconds to 'find OVAL' vulnerabilities in agent '000'");

    will_return(__wrap_wm_vuldet_linux_nvd_vulnerabilities, 0);

    //wm_vuldet_linux_rm_false_positivies_OK()

    // Setting valuest to force a failure
    cve_vuln_pkg* data_next = ((cve_vuln_pkg*)node->data)->next;
    os_free(data_next->vuln_cond->state);
    os_strdup("Unfixed", data_next->vuln_cond->state);
    os_free(data_next->bin_name);
    os_strdup("test-wazuh", data_next->bin_name);
    os_free(data_next->src_name);
    os_strdup("test-wazuh-src", data_next->src_name);
    data_next->discard = 0;
    os_free(data_next->nvd_cond);

    // Initial logs
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5461): Filtering vulnerabilities obtained for agent '000'");

    will_return(__wrap_time, (time_t)1);

    expect_value(__wrap_OSHash_Begin, self, cve_table);
    will_return(__wrap_OSHash_Begin, node);

    // Removing oval not affected will succeed
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, node->key);
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "BUSTER");

    expect_sqlite3_step_call(SQLITE_DONE);

    expect_value(__wrap_OSHash_Next, self, cve_table);
    will_return(__wrap_OSHash_Next, NULL);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5465): A total of '0' potential vulnerabilities have been discarded for agent '000'");

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    will_return(__wrap_time, (time_t)1);
    expect_string(__wrap__mtdebug1, formatted_msg, "(5470): It took '0' seconds to 'filter' vulnerabilities in agent '000'");

    //wm_vuldet_send_agent_report_fill_report_nvd_cve_info_error()
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5466): Sending vulnerabilities report for agent '000'");

    will_return(__wrap_time, (time_t)1);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5578): Could not fill the report with the CVE info from the NVD for agent '000'");

    expect_value(__wrap_OSHash_Begin, self, cve_table);
    will_return(__wrap_OSHash_Begin, node);
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);
    will_return(__wrap_sqlite3_errmsg, "error");
    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");
    will_return(__wrap_sqlite3_close_v2, SQLITE_OK);

    will_return(__wrap_OSHash_Clean, 0);

    int ret = wm_vuldet_report_agent_vulnerabilities(db, agent, flags);
    assert_int_equal(ret, -1);

    wm_vuldet_free_cve_node(node->data);
    os_free(node->key);
    os_free(node);
    os_free(flags);
}

void test_wm_vuldet_report_agent_vulnerabilities_agent_linux_OK(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    agent_software *agent = *state;
    OSHash *cve_table = (OSHash *)1;

    OSHashNode* node = NULL;
    os_calloc(1, sizeof(OSHashNode), node);
    if (!node || (OS_INVALID == build_test_hash_node(node, VU_SRC_NVD)))
        return;

    agent->info = 'T';
    agent->dist = FEED_DEBIAN;
    agent->dist_ver = FEED_BUSTER;

    expect_function_call(__wrap_OSHash_Create);
    will_return(__wrap_OSHash_Create, cve_table);
    will_return(__wrap_OSHash_setSize, cve_table);

    //test_wm_vuldet_linux_oval_vulnerabilities_one_row_no_data()
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5456): Analyzing OVAL vulnerabilities for agent '000'");

    will_return(__wrap_time, (time_t)1);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "2020");

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);
    // building query
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "BUSTER");
    expect_value(__wrap_sqlite3_bind_int, index, 2);
    expect_value(__wrap_sqlite3_bind_int, value, 0);

    expect_sqlite3_step_call(SQLITE_ROW);

    // By assigning null to some values, the row should be skipped
    // and the code should ask for a new row
    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_value(__wrap_sqlite3_column_text, iCol, 1);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_value(__wrap_sqlite3_column_text, iCol, 2);
    will_return(__wrap_sqlite3_column_text, "source");
    expect_value(__wrap_sqlite3_column_text, iCol, 3);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_value(__wrap_sqlite3_column_text, iCol, 4);
    will_return(__wrap_sqlite3_column_text, NULL);
    expect_value(__wrap_sqlite3_column_text, iCol, 5);
    will_return(__wrap_sqlite3_column_text, "less than");
    expect_value(__wrap_sqlite3_column_text, iCol, 6);
    will_return(__wrap_sqlite3_column_text, "5.4.3");
    expect_value(__wrap_sqlite3_column_text, iCol, 7);
    will_return(__wrap_sqlite3_column_text, "5.4.2");
    expect_value(__wrap_sqlite3_column_text, iCol, 8);
    will_return(__wrap_sqlite3_column_text, NULL);

    expect_sqlite3_step_call(SQLITE_DONE);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5457): The OVAL found a total of '0' potential vulnerabilities for agent '000'");

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    will_return(__wrap_time, (time_t)1);
    expect_string(__wrap__mtdebug1, formatted_msg, "(5470): It took '0' seconds to 'find OVAL' vulnerabilities in agent '000'");

    will_return(__wrap_wm_vuldet_linux_nvd_vulnerabilities, 0);

    //wm_vuldet_linux_rm_false_positivies_OK()

    // Setting valuest to force a failure
    cve_vuln_pkg* data_next = ((cve_vuln_pkg*)node->data)->next;
    os_free(data_next->vuln_cond->state);
    os_strdup("Unfixed", data_next->vuln_cond->state);
    os_free(data_next->bin_name);
    os_strdup("test-wazuh", data_next->bin_name);
    os_free(data_next->src_name);
    os_strdup("test-wazuh-src", data_next->src_name);

    // Initial logs
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5461): Filtering vulnerabilities obtained for agent '000'");

    will_return(__wrap_time, (time_t)1);

    expect_value(__wrap_OSHash_Begin, self, cve_table);
    will_return(__wrap_OSHash_Begin, node);

    // Removing oval not affected will succeed
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, node->key);
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "BUSTER");

    expect_sqlite3_step_call(SQLITE_ROW);
    expect_value(__wrap_sqlite3_column_int, iCol, 0);
    will_return(__wrap_sqlite3_column_int, 1);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5462): Package 'test-wazuh' not vulnerable to 'CVE-2016-6489' since it is not affected (feed 'OVAL').");

    expect_value(__wrap_OSHash_Next, self, cve_table);
    will_return(__wrap_OSHash_Next, NULL);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5465): A total of '1' potential vulnerabilities have been discarded for agent '000'");

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    will_return(__wrap_time, (time_t)1);
    expect_string(__wrap__mtdebug1, formatted_msg, "(5470): It took '0' seconds to 'filter' vulnerabilities in agent '000'");

    //wm_vuldet_send_agent_report_fill_report_nvd_cve_info_error()
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5466): Sending vulnerabilities report for agent '000'");

    will_return(__wrap_time, (time_t)1);

    expect_value(__wrap_OSHash_Begin, self, cve_table);
    will_return(__wrap_OSHash_Begin, node);
    expect_value(__wrap_OSHash_Next, self, cve_table);
    will_return(__wrap_OSHash_Next, NULL);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5482): A total of '0' vulnerabilities have been reported for agent '000' thanks to the 'NVD' feed.");
    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5482): A total of '0' vulnerabilities have been reported for agent '000' thanks to the 'vendor' feed.");
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5469): A total of '0' vulnerabilities have been reported for agent '000'");

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    will_return(__wrap_time, (time_t)1);
    expect_string(__wrap__mtdebug1, formatted_msg, "(5470): It took '0' seconds to 'report' vulnerabilities in agent '000'");

    will_return(__wrap_OSHash_Clean, 0);

    int ret = wm_vuldet_report_agent_vulnerabilities(db, agent, NULL);
    assert_int_equal(ret, 0);

    wm_vuldet_free_cve_node(node->data);
    os_free(node->key);
    os_free(node);

}

/* wm_vuldet_discard_kernel_package */

void test_wm_vuldet_discard_kernel_package_null_kernel(void **state)
{
    agent_software *agent = *state;

    agent->dist = FEED_DEBIAN;
    agent->dist_ver = FEED_BUSTER;

    agent->arch = strdup("x86_64");
    agent->kernel_release = NULL;

    char *name = "linux-image-test";
    char *version = "0.0.0";
    char *arch = "x86_64";

    int ret = wm_vuldet_discard_kernel_package(agent, name, version, arch);
    assert_int_equal(ret, 0);

}

void test_wm_vuldet_discard_kernel_package_redhat_no_kernel(void **state)
{
    agent_software *agent = *state;

    agent->dist = FEED_REDHAT;
    agent->dist_ver = FEED_REDHAT;
    char *name = "test";
    char *version = "0.0.0";
    char *arch = "x32";

    int ret = wm_vuldet_discard_kernel_package(agent, name, version, arch);
    assert_int_equal(ret, 0);

}

void test_wm_vuldet_discard_kernel_package_redhat_kernel(void **state)
{
    agent_software *agent = *state;

    agent->dist = FEED_REDHAT;
    agent->dist_ver = FEED_REDHAT;
    agent->arch = strdup("x86_64");
    agent->kernel_release = strdup("0.0.0.x86_64");

    char *name = "kernel";
    char *version = "0.0.0";
    char *arch = "x86_64";

    int ret = wm_vuldet_discard_kernel_package(agent, name, version, arch);
    assert_int_equal(ret, 0);

}

void test_wm_vuldet_discard_kernel_package_debian_family_no_linux_image(void **state)
{
    agent_software *agent = *state;

    agent->dist = FEED_DEBIAN;
    agent->dist_ver = FEED_BUSTER;

    agent->arch = strdup("x86_64");
    agent->kernel_release = strdup("0.0.0.x86_64");

    char *name = "test";
    char *version = "0.0.0";
    char *arch = "x86_64";

    int ret = wm_vuldet_discard_kernel_package(agent, name, version, arch);
    assert_int_equal(ret, 0);

}

void test_wm_vuldet_discard_kernel_package_debian_family_linux_image(void **state)
{
    agent_software *agent = *state;

    agent->dist = FEED_DEBIAN;
    agent->dist_ver = FEED_BUSTER;

    agent->arch = strdup("x86_64");
    agent->kernel_release = strdup("0.0.0.x86_64");

    char *name = "linux-image-0.0.0.x86_64";
    char *version = "0.0.0";
    char *arch = "x86_64";

    int ret = wm_vuldet_discard_kernel_package(agent, name, version, arch);
    assert_int_equal(ret, 0);

}

void test_wm_vuldet_discard_kernel_package_discard_kernel(void **state)
{
    agent_software *agent = *state;

    agent->dist = FEED_DEBIAN;
    agent->dist_ver = FEED_BUSTER;

    agent->arch = strdup("x86_64");
    agent->kernel_release = strdup("0.0.0.x86_64");

    char *name = "linux-image-test";
    char *version = "0.0.0";
    char *arch = "x86_64";

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5574): Discarded Linux Kernel package 'test' (not running) for agent '000'");

    int ret = wm_vuldet_discard_kernel_package(agent, name, version, arch);
    assert_int_equal(ret, -1);

}

void test_wm_vuldet_discard_kernel_package_OK(void **state)
{
    agent_software *agent = *state;

    agent->dist = FEED_DEBIAN;
    agent->dist_ver = FEED_BUSTER;

    agent->arch = strdup("x86_64");
    agent->kernel_release = strdup("1.0.0.x86_64");

    char *name = "test_OK";
    char *version = "1.0.0";
    char *arch = "x86_64";

    int ret = wm_vuldet_discard_kernel_package(agent, name, version, arch);
    assert_int_equal(ret, 0);

}

/* wm_vuldet_fetch_redhat_no_valid_response */

void test_wm_vuldet_fetch_redhat_multi_url_no_valid_response(void **state)
{
    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);

    if(!update)
        return;

    update->update_state = VU_TRUE;
    update->update_it = 1;
    os_strdup("http://local_repo/rh-feed/redhat-feed[-].json", update->multi_url);
    update->timeout = 300;

    // Multi URL -> build repo
    char * repo;
    os_calloc(44, sizeof(char), repo);
    snprintf(repo, 44, "%s", "http://local_repo/rh-feed/redhat-feed1.json");
    expect_string(__wrap_wstr_replace, string, update->multi_url);
    expect_string(__wrap_wstr_replace, search, "[-]");
    expect_string(__wrap_wstr_replace, replace, "1");
    will_return(__wrap_wstr_replace, repo);

    // Initial log
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5404): Trying to download 'http://local_repo/rh-feed/redhat-feed1.json'");

    // Function fails attepting to download three times
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, "http://local_repo/rh-feed/redhat-feed1.json");
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_FIT_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, 300);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, OS_INVALID);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5522): There was no valid response to 'http://local_repo/rh-feed/redhat-feed1.json' after '1' attempts.");

    expect_value(__wrap_sleep, seconds, 2 * DOWNLOAD_SLEEP_FACTOR);

    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, "http://local_repo/rh-feed/redhat-feed1.json");
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_FIT_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, 300);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, OS_INVALID);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5522): There was no valid response to 'http://local_repo/rh-feed/redhat-feed1.json' after '2' attempts.");

    expect_value(__wrap_sleep, seconds, 3 * DOWNLOAD_SLEEP_FACTOR);

    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, "http://local_repo/rh-feed/redhat-feed1.json");
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_FIT_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, 300);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, OS_INVALID);

    // Logging warn and going to end
    expect_string(__wrap__mtwarn, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtwarn, formatted_msg, "(5547): There was no valid response to 'http://local_repo/rh-feed/redhat-feed1.json' after '3' attempts. Trying the next page.");

    int ret = wm_vuldet_fetch_redhat(update);

    assert_int_equal(OS_SUCCESS, ret);

    os_free(update->multi_url);
    os_free(update);
}

void test_wm_vuldet_fetch_redhat_single_url_no_valid_response(void **state)
{
    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);

    if(!update)
        return;

    update->update_state = VU_TRUE;
    update->update_it = 1;
    update->update_from_year = 2010;
    update->timeout = 300;

    // Initial log
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5404): Trying to download 'https://access.redhat.com/labs/securitydataapi/cve.json?after=2010-01-01&per_page=1000&page=1'");

    // Function fails attepting to download three times
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, "https://access.redhat.com/labs/securitydataapi/cve.json?after=2010-01-01&per_page=1000&page=1");
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_FIT_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, update->timeout);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, OS_INVALID);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5522): There was no valid response to 'https://access.redhat.com/labs/securitydataapi/cve.json?after=2010-01-01&per_page=1000&page=1' after '1' attempts.");

    expect_value(__wrap_sleep, seconds, 2 * DOWNLOAD_SLEEP_FACTOR);

    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, "https://access.redhat.com/labs/securitydataapi/cve.json?after=2010-01-01&per_page=1000&page=1");
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_FIT_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, update->timeout);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, OS_INVALID);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5522): There was no valid response to 'https://access.redhat.com/labs/securitydataapi/cve.json?after=2010-01-01&per_page=1000&page=1' after '2' attempts.");

    expect_value(__wrap_sleep, seconds, 3 * DOWNLOAD_SLEEP_FACTOR);

    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, "https://access.redhat.com/labs/securitydataapi/cve.json?after=2010-01-01&per_page=1000&page=1");
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_FIT_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, update->timeout);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, OS_INVALID);

    // Logging warn and going to end
    expect_string(__wrap__mtwarn, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtwarn, formatted_msg, "(5547): There was no valid response to 'https://access.redhat.com/labs/securitydataapi/cve.json?after=2010-01-01&per_page=1000&page=1' after '3' attempts. Trying the next page.");

    int ret = wm_vuldet_fetch_redhat(update);

    assert_int_equal(OS_SUCCESS, ret);

    os_free(update);
}

void test_wm_vuldet_fetch_redhat_single_url_file_open_error(void **state)
{
    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);

    if(!update)
        return;

    update->update_state = VU_TRUE;
    update->update_it = 1;
    update->update_from_year = 2010;
    update->timeout = 300;

    // Initial log
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5404): Trying to download 'https://access.redhat.com/labs/securitydataapi/cve.json?after=2010-01-01&per_page=1000&page=1'");

    // Downloading
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, "https://access.redhat.com/labs/securitydataapi/cve.json?after=2010-01-01&per_page=1000&page=1");
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_FIT_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, update->timeout);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, OS_SUCCESS);

    // Opening file
    expect_string(__wrap_fopen, path, VU_FIT_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, NULL);

    char* strerr = NULL;
    os_strdup("Error opening file", strerr);
    will_return(__wrap_strerror, strerr);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "fopen(tmp/vuln-temp-fitted): Error opening file");

    int ret = wm_vuldet_fetch_redhat(update);

    assert_int_equal(OS_INVALID, ret);

    os_free(update);
    os_free(strerr);
}

void test_wm_vuldet_fetch_redhat_single_url_file_read_remove_error(void **state)
{
    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);

    if(!update)
        return;

    update->update_state = VU_TRUE;
    update->update_it = 1;
    update->update_from_year = 2010;
    update->timeout = 300;

    // Initial log
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5404): Trying to download 'https://access.redhat.com/labs/securitydataapi/cve.json?after=2010-01-01&per_page=1000&page=1'");

    // Downloading
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, "https://access.redhat.com/labs/securitydataapi/cve.json?after=2010-01-01&per_page=1000&page=1");
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_FIT_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, update->timeout);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, OS_SUCCESS);

    // Opening file
    expect_string(__wrap_fopen, path, VU_FIT_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // The file reading will fail and the file removal will fail
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, NULL);

    expect_string(__wrap_remove, filename, VU_FIT_TEMP_FILE);
    will_return(__wrap_remove, OS_INVALID);

    char* strerr = NULL;
    os_strdup("Error removing file", strerr);
    will_return(__wrap_strerror, strerr);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "remove(tmp/vuln-temp-fitted): Error removing file");

    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, OS_SUCCESS);

    int ret = wm_vuldet_fetch_redhat(update);

    assert_int_equal(OS_SUCCESS, ret);

    os_free(update);
    os_free(strerr);
}

void test_wm_vuldet_fetch_redhat_single_url_file_read_ok(void **state)
{
    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);

    if(!update)
        return;

    update->update_state = VU_TRUE;
    update->update_it = 1;
    update->update_from_year = 2010;
    update->timeout = 300;

    // Initial log
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5404): Trying to download 'https://access.redhat.com/labs/securitydataapi/cve.json?after=2010-01-01&per_page=1000&page=1'");

    // Downloading
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, "https://access.redhat.com/labs/securitydataapi/cve.json?after=2010-01-01&per_page=1000&page=1");
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_FIT_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, update->timeout);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, OS_SUCCESS);

    // Opening file
    expect_string(__wrap_fopen, path, VU_FIT_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // The file reading will fail and the file removal will fail
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "test");

    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, OS_SUCCESS);

    int ret = wm_vuldet_fetch_redhat(update);

    assert_int_equal(OS_SUCCESS, ret);

    os_free(update);
}

// wm_vuldet_check_timestamp

void test_wm_vuldet_check_timestamp_open_error()
{
    expect_string(__wrap_sqlite3_open_v2, filename, CVE_DB);
    expect_value(__wrap_sqlite3_open_v2, flags, SQLITE_OPEN_READWRITE);
    will_return(__wrap_sqlite3_open_v2, NULL); // sqlite db
    will_return(__wrap_sqlite3_open_v2, SQLITE_ERROR);

    int ret = wm_vuldet_check_timestamp(NULL, NULL, NULL);
    assert_int_equal(ret, VU_TIMESTAMP_FAIL);
}

void test_wm_vuldet_check_timestamp_prepare_error()
{
    expect_string(__wrap_sqlite3_open_v2, filename, CVE_DB);
    expect_value(__wrap_sqlite3_open_v2, flags, SQLITE_OPEN_READWRITE);
    will_return(__wrap_sqlite3_open_v2, (sqlite3 *)1); // sqlite db
    will_return(__wrap_sqlite3_open_v2, SQLITE_OK);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);
    will_return(__wrap_sqlite3_close_v2, 1);

    int ret = wm_vuldet_check_timestamp(NULL, NULL, NULL);
    assert_int_equal(ret, VU_TIMESTAMP_FAIL);
}

void test_wm_vuldet_check_timestamp_outdated()
{
    char *found = "2020-06-02T10:39:58";

    expect_string(__wrap_sqlite3_open_v2, filename, CVE_DB);
    expect_value(__wrap_sqlite3_open_v2, flags, SQLITE_OPEN_READWRITE);
    will_return(__wrap_sqlite3_open_v2, (sqlite3 *) 1); // sqlite db
    will_return(__wrap_sqlite3_open_v2, SQLITE_OK);
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "2020-06-01T10:39:58");

    will_return(__wrap_sqlite3_close_v2, 1);

    int ret = wm_vuldet_check_timestamp(NULL, found, NULL);
    assert_int_equal(ret, VU_TIMESTAMP_OUTDATED);
}

void test_wm_vuldet_check_timestamp_updated()
{

    char *found = "2020-06-02T10:39:58";
    char *time = NULL;

    os_calloc(1, OS_SIZE_256, time);

    expect_string(__wrap_sqlite3_open_v2, filename, CVE_DB);
    expect_value(__wrap_sqlite3_open_v2, flags, SQLITE_OPEN_READWRITE);
    will_return(__wrap_sqlite3_open_v2, (sqlite3 *)1); // sqlite db
    will_return(__wrap_sqlite3_open_v2, SQLITE_OK);
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "2020-06-02T10:39:58");

    will_return(__wrap_sqlite3_close_v2, 1);

    int ret = wm_vuldet_check_timestamp(NULL, found, time);
    assert_int_equal(ret, VU_TIMESTAMP_UPDATED);
    assert_string_equal(found, time);

    os_free(time);
}

// wm_vuldet_fetch_oval

void test_wm_vuldet_fetch_oval_debian()
{
    update_node *update = NULL;
    char *repo = NULL;

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_DEBIAN;
    repo = DEBIAN_REPO;
    update->timeout = 300;

    // Function attepting to download
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, repo);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, update->timeout);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, 0);

    // Fiel to open file
    expect_string(__wrap_fopen, path, VU_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 0);

    int ret = wm_vuldet_fetch_oval(update, repo);
    assert_int_equal(ret, VU_INV_FEED);

    os_free(update);
}

void test_wm_vuldet_fetch_oval_ubuntu_max_attempts()
{
    update_node *update = NULL;
    char *repo = NULL;

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;
    repo = CANONICAL_REPO;
    update->timeout = 300;

    // Function fails attepting to download
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, repo);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, update->timeout);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, OS_INVALID);

    expect_string(__wrap__mdebug1, formatted_msg, "(5405): The download cannot be completed. Retrying in '0' seconds.");

    expect_value(__wrap_sleep, seconds, 0);

    // Second try
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, repo);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, update->timeout);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, OS_INVALID);

    expect_string(__wrap__mdebug1, formatted_msg, "(5405): The download cannot be completed. Retrying in '1' seconds.");

    expect_value(__wrap_sleep, seconds, 1);

    // Third try
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, repo);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, update->timeout);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, OS_INVALID);

    expect_string(__wrap__mdebug1, formatted_msg, "(5405): The download cannot be completed. Retrying in '2' seconds.");

    expect_value(__wrap_sleep, seconds, 2);

    // Fourth try
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, repo);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, update->timeout);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, OS_INVALID);

    expect_string(__wrap__mdebug1, formatted_msg, "(5405): The download cannot be completed. Retrying in '3' seconds.");

    expect_value(__wrap_sleep, seconds, 3);

    // Fifth try
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, repo);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, update->timeout);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, OS_INVALID);

    expect_string(__wrap__mdebug1, formatted_msg, "(5405): The download cannot be completed. Retrying in '4' seconds.");

    expect_value(__wrap_sleep, seconds, 4);

    // Last try
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, repo);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, update->timeout);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, OS_INVALID);

    int ret = wm_vuldet_fetch_oval(update, repo);
    assert_int_equal(ret, VU_INV_FEED);

    os_free(update);
}

void test_wm_vuldet_fetch_oval_ubuntu_failed_open()
{
    update_node *update = NULL;
    char *repo = NULL;

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;
    repo = CANONICAL_REPO;
    update->timeout = 300;

    // Function attepting to download
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, repo);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, update->timeout);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, 0);

    // Fiel to open file
    expect_string(__wrap_fopen, path, VU_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, NULL);

    int ret = wm_vuldet_fetch_oval(update, repo);
    assert_int_equal(ret, VU_INV_FEED);

    os_free(update);
}

void test_wm_vuldet_fetch_oval_ubuntu_updated()
{
    update_node *update = NULL;
    char *repo = NULL;
    repo = CANONICAL_REPO;

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;
    update->dist_tag_ref = FEED_BIONIC;
    update->dist_ext = "Ubuntu";
    update->timeout = 300;

    // Function attepting to download
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, repo);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, update->timeout);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, 0);

    // Opening file
    expect_string(__wrap_fopen, path, VU_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // Read file and parse timestamp
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<oval:timestamp>2020-06-02T10:39:58</oval:timestamp>");

    // wm_vuldet_check_timestamp
    expect_string(__wrap_sqlite3_open_v2, filename, CVE_DB);
    expect_value(__wrap_sqlite3_open_v2, flags, SQLITE_OPEN_READWRITE);
    will_return(__wrap_sqlite3_open_v2, (sqlite3*) 1);
    will_return(__wrap_sqlite3_open_v2, SQLITE_OK);
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_value(__wrap_sqlite3_bind_text, buffer, vu_feed_tag[update->dist_tag_ref]);
    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "2020-06-02T10:39:58");

    will_return(__wrap_sqlite3_close_v2, 1);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5406): The feed 'Ubuntu' is in its latest version.");

    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);

    int ret = wm_vuldet_fetch_oval(update, repo);
    assert_int_equal(ret, VU_NOT_NEED_UPDATE);

    os_free(update);
}

void test_wm_vuldet_fetch_oval_ubuntu_outdated()
{
    update_node *update = NULL;
    char *repo = NULL;
    repo = CANONICAL_REPO;

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;
    update->dist_tag_ref = FEED_BIONIC;
    update->dist_ext = "Ubuntu";
    update->timeout = 300;

    // Function attepting to download
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, repo);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, update->timeout);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, 0);

    // Opening file
    expect_string(__wrap_fopen, path, VU_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // Read file and parse timestamp
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<oval:timestamp>2020-06-02T10:39:58</oval:timestamp>");

    // wm_vuldet_check_timestamp
    expect_string(__wrap_sqlite3_open_v2, filename, CVE_DB);
    expect_value(__wrap_sqlite3_open_v2, flags, SQLITE_OPEN_READWRITE);
    will_return(__wrap_sqlite3_open_v2, (sqlite3 *)1); // sqlite db
    will_return(__wrap_sqlite3_open_v2, SQLITE_OK);
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_value(__wrap_sqlite3_bind_text, buffer, vu_feed_tag[update->dist_tag_ref]);
    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "2020-06-01T10:39:58");

    will_return(__wrap_sqlite3_close_v2, 1);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5407): The feed 'Ubuntu' is outdated. Fetching the last version.");

    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);

    int ret = wm_vuldet_fetch_oval(update, repo);
    assert_int_equal(ret, VU_NEED_UPDATE);

    os_free(update);
}

void test_wm_vuldet_fetch_oval_ubuntu_failed()
{
    update_node *update = NULL;
    char *repo = NULL;
    repo = CANONICAL_REPO;

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;
    update->dist_tag_ref = FEED_BIONIC;
    update->dist_ext = "Ubuntu";
    update->timeout = 300;

    // Function attepting to download
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, repo);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, update->timeout);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, 0);

    // Opening file
    expect_string(__wrap_fopen, path, VU_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // Read file and parse timestamp
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<oval:timestamp>2020-06-02T10:39:58</oval:timestamp>");

    // wm_vuldet_check_timestamp
    expect_string(__wrap_sqlite3_open_v2, filename, CVE_DB);
    expect_value(__wrap_sqlite3_open_v2, flags, SQLITE_OPEN_READWRITE);
    will_return(__wrap_sqlite3_open_v2, (sqlite3*) 1);
    will_return(__wrap_sqlite3_open_v2, SQLITE_OK);
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);

    will_return(__wrap_sqlite3_close_v2, 1);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5509): Stored timestamp could not be compared. The 'Ubuntu' feed will continue updating.");

    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);

    int ret = wm_vuldet_fetch_oval(update, repo);
    assert_int_equal(ret, VU_INV_FEED);

    os_free(update);
}

void test_wm_vuldet_fetch_oval_ubuntu_no_close_tag()
{
    update_node *update = NULL;
    char *repo = NULL;
    repo = CANONICAL_REPO;

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;
    update->dist_tag_ref = FEED_BIONIC;
    update->dist_ext = "Ubuntu";
    update->timeout = 300;

    // Function attepting to download
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, repo);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, update->timeout);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, 0);

    // Opening file
    expect_string(__wrap_fopen, path, VU_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // Read file and parse timestamp
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<oval:timestamp>2020-06-02T10:39:58/oval:timestamp>");

    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);

    int ret = wm_vuldet_fetch_oval(update, repo);
    assert_int_equal(ret, VU_INV_FEED);

    os_free(update);
}

// Tests wm_vuldet_get_debian_status_feed

void test_wm_vuldet_get_debian_status_feed_download_fail(void **state)
{
    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);
    update->multi_path = NULL;
    update->multi_url = NULL;
    update->timeout = 300;

    // opening file
    expect_string(__wrap_fopen, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, NULL);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5436): Fetching Debian Security Tracker from 'https://security-tracker.debian.org/tracker/data/json'");

    //for attempts == WM_VULNDETECTOR_DOWN_ATTEMPTS
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, DEBIAN_REPO_STATUS);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_DEB_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, 300);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, 1);
    expect_string(__wrap__mdebug1, formatted_msg, "(5405): The download cannot be completed. Retrying in '0' seconds.");
    expect_value(__wrap_sleep, seconds, 0);

    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, DEBIAN_REPO_STATUS);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_DEB_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, 300);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, 1);
    expect_string(__wrap__mdebug1, formatted_msg, "(5405): The download cannot be completed. Retrying in '1' seconds.");
    expect_value(__wrap_sleep, seconds, 1);

    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, DEBIAN_REPO_STATUS);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_DEB_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, 300);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, 1);
    expect_string(__wrap__mdebug1, formatted_msg, "(5405): The download cannot be completed. Retrying in '2' seconds.");
    expect_value(__wrap_sleep, seconds, 2);

    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, DEBIAN_REPO_STATUS);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_DEB_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, 300);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, 1);
    expect_string(__wrap__mdebug1, formatted_msg, "(5405): The download cannot be completed. Retrying in '3' seconds.");
    expect_value(__wrap_sleep, seconds, 3);

    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, DEBIAN_REPO_STATUS);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_DEB_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, 300);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, 1);
    expect_string(__wrap__mdebug1, formatted_msg, "(5405): The download cannot be completed. Retrying in '4' seconds.");
    expect_value(__wrap_sleep, seconds, 4);

    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, DEBIAN_REPO_STATUS);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_DEB_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, 300);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, 1);

    cJSON *res = wm_vuldet_get_debian_status_feed(update);

    assert_null(res);
    os_free(update);
}

void test_wm_vuldet_get_debian_status_feed_download_ok(void **state)
{
    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);
    update->multi_path = NULL;
    os_strdup("http://test:80/test", update->multi_url);
    update->timeout = 300;

    // opening file
    expect_string(__wrap_fopen, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, NULL);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5436): Fetching Debian Security Tracker from 'http://test:80/test'");

    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, "http://test:80/test");
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_DEB_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, 300);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, NULL);

    // calling wm_vuldet_json_fread
    cJSON* content = (cJSON *)1;

    // extracting file
    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    // reading json
    expect_string(__wrap_json_fread, path, VU_DEB_TEMP_FILE);
    will_return(__wrap_json_fread, content);

    cJSON *res = wm_vuldet_get_debian_status_feed(update);

    assert_ptr_equal(res, content);
    os_free(update->multi_url);
    os_free(update);
}

void test_wm_vuldet_get_debian_status_feed_fopen_ok(void **state)
{
    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);
    update->multi_path = NULL;
    update->multi_url = NULL;

    // opening file
    expect_string(__wrap_fopen, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5436): Fetching Debian Security Tracker from 'tmp/vuln-temp-deb'");

    // closing file
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, OS_SUCCESS);

    // calling wm_vuldet_json_fread
    cJSON* content = (cJSON *)1;

    // extracting file
    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    // reading json
    expect_string(__wrap_json_fread, path, VU_DEB_TEMP_FILE);
    will_return(__wrap_json_fread, content);

    cJSON *res = wm_vuldet_get_debian_status_feed(update);

    assert_ptr_equal(res, content);
    os_free(update);
}

void test_wm_vuldet_get_debian_status_feed_custom_path_fail(void **state)
{
    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);
    os_strdup("/test/security-tracker.json", update->multi_path);
    update->multi_url = NULL;
    update->timeout = 300;

    // checking custom path
    expect_string(__wrap_w_is_file, file, "/test/security-tracker.json");
    will_return(__wrap_w_is_file, 0);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "Unable to read file '/test/security-tracker.json'");

    // if the custom path is not available, the feed is downloaded
    expect_string(__wrap_fopen, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, NULL);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5436): Fetching Debian Security Tracker from 'https://security-tracker.debian.org/tracker/data/json'");

    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, DEBIAN_REPO_STATUS);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_DEB_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, 300);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, NULL);

    // calling wm_vuldet_json_fread
    cJSON* content = (cJSON *)1;

    // extracting file
    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    // reading json
    expect_string(__wrap_json_fread, path, VU_DEB_TEMP_FILE);
    will_return(__wrap_json_fread, content);

    cJSON *res = wm_vuldet_get_debian_status_feed(update);

    assert_ptr_equal(res, content);
    os_free(update->multi_path);
    os_free(update);
}

void test_wm_vuldet_get_debian_status_feed_custom_path_ok(void **state)
{
    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);
    os_strdup("/test/security-tracker.json", update->multi_path);
    update->multi_url = NULL;

    // checking custom path
    expect_string(__wrap_w_is_file, file, "/test/security-tracker.json");
    will_return(__wrap_w_is_file, 1);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5436): Fetching Debian Security Tracker from '/test/security-tracker.json'");

    // calling wm_vuldet_json_fread
    cJSON* content = (cJSON *)1;

    // extracting file
    expect_string(__wrap_w_uncompress_bz2_gz_file, path, "/test/security-tracker.json");
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    // reading json
    expect_string(__wrap_json_fread, path, "/test/security-tracker.json");
    will_return(__wrap_json_fread, content);

    cJSON *res = wm_vuldet_get_debian_status_feed(update);

    assert_ptr_equal(res, content);
    os_free(update->multi_path);
    os_free(update);
}

// Tests wm_vuldet_json_fread

void test_wm_vuldet_json_fread_uncompress_fail(void **state)
{
    // extracting file
    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, OS_INVALID);

    cJSON *res = wm_vuldet_json_fread(VU_DEB_TEMP_FILE);

    assert_null(res);
}

void test_wm_vuldet_json_fread_compressed_removing_error(void **state)
{
    cJSON* content = (cJSON *)1;

    // extracting file
    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, OS_SUCCESS);

    // reading json
    expect_string(__wrap_json_fread, path, VU_TEMP_FILE);
    will_return(__wrap_json_fread, content);

    // removing file
    expect_string(__wrap_remove, filename, VU_TEMP_FILE);
    will_return(__wrap_remove, OS_INVALID);

    char* strerr = NULL;
    os_strdup("Error sending message", strerr);
    will_return(__wrap_strerror, strerr);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "remove(tmp/vuln-temp): Error sending message");

    cJSON *res = wm_vuldet_json_fread(VU_DEB_TEMP_FILE);

    assert_ptr_equal(res, content);

    os_free(strerr);
}

void test_wm_vuldet_json_fread_not_compressed_ok(void **state)
{
    cJSON* content = (cJSON *)1;

    // extracting file
    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    // reading json
    expect_string(__wrap_json_fread, path, VU_DEB_TEMP_FILE);
    will_return(__wrap_json_fread, content);

    cJSON *res = wm_vuldet_json_fread(VU_DEB_TEMP_FILE);

    assert_ptr_equal(res, content);
}

// Tests wm_vuldet_oval_xml_preparser

void test_wm_vuldet_oval_xml_preparser_invalid_open(void **state)
{
    char *path = NULL;

    os_strdup("test_path", path);
    expect_string(__wrap_fopen, path, path);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 0);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5501): Could not open 'test_path'");
    char *ret = wm_vuldet_oval_xml_preparser(path, FEED_UBUNTU);
    assert_null(ret);
    os_free(path);
}

void test_wm_vuldet_oval_xml_preparser_invalid_tmp_open(void **state)
{
    char *path = NULL;

    // open path
    os_strdup("test_path", path);
    expect_string(__wrap_fopen, path, path);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // fail to open tmp_path
    expect_string(__wrap_fopen, path, VU_FIT_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "w");
    will_return(__wrap_fopen, 0);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5501): Could not open 'tmp/vuln-temp-fitted'");

    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);

    char *ret = wm_vuldet_oval_xml_preparser(path, FEED_UBUNTU);
    assert_null(ret);
    os_free(path);
}

void test_wm_vuldet_oval_xml_preparser_ubuntu(void **state)
{
    char *path = NULL;

    // open path
    os_strdup("test_path", path);
    expect_string(__wrap_fopen, path, path);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // open tmp_path
    expect_string(__wrap_fopen, path, VU_FIT_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "w");
    will_return(__wrap_fopen, 2);

    // Parsing XML

    // find oval definitions start
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<oval_definitions>");

    will_return(__wrap_fwrite, 1);

    // find oval definitions end
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "</oval_definitions>");

    will_return(__wrap_fwrite, 1);

    // end loop
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, NULL);

    // close opened files
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);
    expect_value(__wrap_fclose, _File, 2);
    will_return(__wrap_fclose, 1);

    char *ret = wm_vuldet_oval_xml_preparser(path, FEED_UBUNTU);
    assert_string_equal(ret, VU_FIT_TEMP_FILE);

    os_free(ret);
    os_free(path);
}

void test_wm_vuldet_oval_xml_preparser_debian(void **state)
{
    char *path = NULL;

    // open path
    os_strdup("test_path", path);
    expect_string(__wrap_fopen, path, path);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // open tmp_path
    expect_string(__wrap_fopen, path, VU_FIT_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "w");
    will_return(__wrap_fopen, 1);

    // Parsing XML

    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "start?>");

    // find oval definitions start
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<oval_definitions>");

    will_return(__wrap_fwrite, 1);

    // find generator start
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<generator>");

    will_return(__wrap_fwrite, 1);

    // find generator end
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "</generator>");

    will_return(__wrap_fwrite, 1);

    // find definitions start
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<definitions>");

    will_return(__wrap_fwrite, 1);

    // find definition start
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<definition>");

    will_return(__wrap_fwrite, 1);

    // find metadata start
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<metadata>");

    will_return(__wrap_fwrite, 1);

    // find metadata end
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "</metadata>");

    will_return(__wrap_fwrite, 1);

    // ignore criteria
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<criteria>");

    // find definition end
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "</definition>");

    will_return(__wrap_fwrite, 1);

    // find definitions end
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "</definitions>");

    will_return(__wrap_fwrite, 1);

    // ignore tests
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<tests>");

    // ignore objects
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<objects>");

    // ignore states
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<states>");

    // find oval definitions end
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "</oval_definitions>");

    will_return(__wrap_fwrite, 1);

    // end loop
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, NULL);

    // close opened files
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);

    char *ret = wm_vuldet_oval_xml_preparser(path, FEED_DEBIAN);
    assert_string_equal(ret, VU_FIT_TEMP_FILE);

    os_free(ret);
    os_free(path);
}

void test_wm_vuldet_oval_xml_preparser_redhat(void **state)
{
    char *path = NULL;

    // open path
    os_strdup("test_path", path);
    expect_string(__wrap_fopen, path, path);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // open tmp_path
    expect_string(__wrap_fopen, path, VU_FIT_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "w");
    will_return(__wrap_fopen, 1);

    // Parsing XML
    // first line discarded
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<?xml version=\"1.0\" encoding=\"utf-8\"?>");

    // // Criteria section
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<criteria operator=\"AND\">");

    will_return(__wrap_fwrite, 1);

    // Skip undesired comment
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "libqb is signed with Red Hat redhatrelease2 key");

    // Criteria section
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<criteria operator=\"AND\">");
    will_return(__wrap_fwrite, 1);

    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "</criteria>");
    will_return(__wrap_fwrite, 1);

    // Skip undesired line
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<![CDATA[(?<=^saved_entry=).*]]> </ind-def:pattern>");

    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<ind-def:pattern operation=\"pattern match\"> <![CDATA[(?<=^saved_entry=).*]]> </ind-def:pattern>");

    // random line
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "test line");

    will_return(__wrap_fwrite, 1);

    // skip undisired block
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<definition class='vulnerability' id='oval:com.redhat.unaffected:def:20072764' version='631'>");
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<advisory from='secalert@redhat.com'>");
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "</definition>");

    // random line
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "test line");

    will_return(__wrap_fwrite, 1);

    // end loop
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, NULL);

    // close opened files
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);

    char *ret = wm_vuldet_oval_xml_preparser(path, FEED_REDHAT);
    assert_string_equal(ret, VU_FIT_TEMP_FILE);

    os_free(ret);
    os_free(path);
}

void test_wm_vuldet_oval_xml_preparser_invalid_feed(void **state)
{
    char *path = NULL;

    // open path
    os_strdup("test_path", path);
    expect_string(__wrap_fopen, path, path);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // fail to open tmp_path
    expect_string(__wrap_fopen, path, VU_FIT_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "w");
    will_return(__wrap_fopen, 1);

    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "test");

    // close opened files
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);

    char *ret = wm_vuldet_oval_xml_preparser(path, FEED_NVD);
    assert_null(ret);

    os_free(path);
}

// Tests wm_vuldet_json_rh_parser

void test_wm_vuldet_json_rh_parser_no_bugzilla(void **state)
{
    wm_vuldet_db *parsed_vulnerabilities = *state;

    cJSON* rhfeed = __real_cJSON_Parse(redhat_feed_mock_no_bz);

    if (!rhfeed)
        return;

    will_return(__wrap_time, (time_t)1);

    struct tm *tm_time = NULL;
    os_calloc(1, sizeof(struct tm), tm_time);

    if(!tm_time) {
        __real_cJSON_Delete(rhfeed);
        return;
    }

    will_return(__wrap_localtime, tm_time);

    // Log generated when dummy key is found and bugzilla references are not found
    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5410): Unexpected JSON key: 'dummy-key'");
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5563): Null elements needing value have been found in a node of the feed. The update will not continue.");

    int ret = wm_vuldet_json_rh_parser(rhfeed, parsed_vulnerabilities);

    assert_int_equal(OS_INVALID, ret);

    __real_cJSON_Delete(rhfeed);
    os_free(tm_time);
}

void test_wm_vuldet_json_rh_parser_str_score(void **state)
{
    wm_vuldet_db *parsed_vulnerabilities = *state;

    cJSON* rhfeed = __real_cJSON_Parse(redhat_feed_mock_str_score);

    if (!rhfeed)
        return;

    will_return(__wrap_time, (time_t)1);

    struct tm *tm_time = NULL;
    os_calloc(1, sizeof(struct tm), tm_time);

    if(!tm_time) {
        __real_cJSON_Delete(rhfeed);
        return;
    }

    will_return(__wrap_localtime, tm_time);

    int ret = wm_vuldet_json_rh_parser(rhfeed, parsed_vulnerabilities);

    assert_int_equal(OS_SUCCESS, ret);

    __real_cJSON_Delete(rhfeed);
    os_free(tm_time);
}

void test_wm_vuldet_json_rh_parser_num_score(void **state)
{
    wm_vuldet_db *parsed_vulnerabilities = *state;

    cJSON* rhfeed = __real_cJSON_Parse(redhat_feed_mock_num_score);

    if (!rhfeed)
        return;

    will_return(__wrap_time, (time_t)1);

    struct tm *tm_time = NULL;
    os_calloc(1, sizeof(struct tm), tm_time);

    if(!tm_time) {
        __real_cJSON_Delete(rhfeed);
        return;
    }

    will_return(__wrap_localtime, tm_time);

    int ret = wm_vuldet_json_rh_parser(rhfeed, parsed_vulnerabilities);

    assert_int_equal(OS_SUCCESS, ret);

    __real_cJSON_Delete(rhfeed);
    os_free(tm_time);
}

void test_wm_vuldet_json_rh_parser_decode_pkg_version_error(void **state)
{
    wm_vuldet_db *parsed_vulnerabilities = *state;
    cJSON* rhfeed = __real_cJSON_Parse(redhat_feed_mock_str_score);

    if (!rhfeed)
        return;

    will_return(__wrap_time, (time_t)1);

    struct tm *tm_time = NULL;
    os_calloc(1, sizeof(struct tm), tm_time);

    if(!tm_time) {
        __real_cJSON_Delete(rhfeed);
        return;
    }

    will_return(__wrap_localtime, tm_time);

    int ret = wm_vuldet_json_rh_parser(rhfeed, parsed_vulnerabilities);

    assert_int_equal(OS_SUCCESS, ret);

    __real_cJSON_Delete(rhfeed);
    os_free(tm_time);
}

/* Test wm_vuldet_oval_process */

void test_wm_vuldet_oval_process_xml_preparser_Ubuntu_fail(void **state)
{
    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);

    if(!update)
        return;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    char *path = NULL;

    update->dist_tag_ref = FEED_UBUNTU;

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5411): Starting preparse step of feed 'UBUNTU'");

    // open path
    os_strdup("test_path", path);
    expect_string(__wrap_fopen, path, path);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // fail to open tmp_path
    expect_string(__wrap_fopen, path, VU_FIT_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "w");
    will_return(__wrap_fopen, 0);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5501): Could not open 'tmp/vuln-temp-fitted'");

    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);

    int ret = wm_vuldet_oval_process(update, path, parsed_vulnerabilities);
    assert_int_equal(ret, 1);

    os_free(path);
    os_free(update);
    os_free(parsed_vulnerabilities);
}

void test_wm_vuldet_oval_process_xml_preparser_Debian_fail(void **state)
{
    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);

    if(!update)
        return;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    char *path = NULL;

    update->dist_tag_ref = FEED_DEBIAN;

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5411): Starting preparse step of feed 'DEBIAN'");

    // open path
    os_strdup("test_path", path);
    expect_string(__wrap_fopen, path, path);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // fail to open tmp_path
    expect_string(__wrap_fopen, path, VU_FIT_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "w");
    will_return(__wrap_fopen, 0);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5501): Could not open 'tmp/vuln-temp-fitted'");

    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);

    int ret = wm_vuldet_oval_process(update, path, parsed_vulnerabilities);
    assert_int_equal(ret, 1);

    os_free(path);
    os_free(update);
    os_free(parsed_vulnerabilities);
}

void test_wm_vuldet_oval_process_xml_preparser_ReadXML_fail_Ubuntu(void **state)
{
    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);

    if(!update)
        return;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    char *path = NULL;

    update->dist_tag_ref = FEED_UBUNTU;

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5411): Starting preparse step of feed 'UBUNTU'");

    // open path
    os_strdup("test_path", path);
    expect_string(__wrap_fopen, path, path);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // open tmp_path
    expect_string(__wrap_fopen, path, VU_FIT_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "w");
    will_return(__wrap_fopen, 1);

    // Parsing XML
    // find oval definitions start
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<oval_definitions>");

    will_return(__wrap_fwrite, 1);

    // find oval definitions end
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "</oval_definitions>");

    will_return(__wrap_fwrite, 1);

    // end loop
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, NULL);

    // close opened files
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5412): Starting parse step of feed 'UBUNTU'");

    will_return(__wrap_OS_ReadXML, -1);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5502): Could not load the CVE OVAL for 'UBUNTU'. ''");

    int ret = wm_vuldet_oval_process(update, path, parsed_vulnerabilities);
    assert_int_equal(ret, 1);

    os_free(path);
    os_free(update);
    os_free(parsed_vulnerabilities);
}

void test_wm_vuldet_oval_process_xml_preparser_ReadXML_fail_Debian(void **state)
{
    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);

    if(!update)
        return;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    char *path = NULL;

    update->dist_tag_ref = FEED_DEBIAN;

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5411): Starting preparse step of feed 'DEBIAN'");

    // open path
    os_strdup("test_path", path);
    expect_string(__wrap_fopen, path, path);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // open tmp_path
    expect_string(__wrap_fopen, path, VU_FIT_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "w");
    will_return(__wrap_fopen, 1);

    // Parsing XML
    // find oval definitions start
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<oval_definitions>");

    will_return(__wrap_fwrite, 1);

    // find oval definitions end
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "</oval_definitions>");

    will_return(__wrap_fwrite, 1);

    // end loop
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, NULL);

    // close opened files
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5412): Starting parse step of feed 'DEBIAN'");

    will_return(__wrap_OS_ReadXML, -1);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5502): Could not load the CVE OVAL for 'DEBIAN'. ''");

    int ret = wm_vuldet_oval_process(update, path, parsed_vulnerabilities);
    assert_int_equal(ret, 1);

    os_free(path);
    os_free(update);
    os_free(parsed_vulnerabilities);
}

void test_wm_vuldet_oval_process_xml_preparser_node_NULL_Ubuntu(void **state)
{
    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);

    if(!update)
        return;

    XML_NODE node = NULL;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    char *path = NULL;

    update->dist_tag_ref = FEED_UBUNTU;

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5411): Starting preparse step of feed 'UBUNTU'");

    // open path
    os_strdup("test_path", path);
    expect_string(__wrap_fopen, path, path);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // open tmp_path
    expect_string(__wrap_fopen, path, VU_FIT_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "w");
    will_return(__wrap_fopen, 1);

    // Parsing XML
    // find oval definitions start
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<oval_definitions>");

    will_return(__wrap_fwrite, 1);

    // find oval definitions end
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "</oval_definitions>");

    will_return(__wrap_fwrite, 1);

    // end loop
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, NULL);

    // close opened files
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5412): Starting parse step of feed 'UBUNTU'");

    will_return(__wrap_OS_ReadXML, 1);

    will_return(__wrap_OS_GetElementsbyNode, node);

    int ret = wm_vuldet_oval_process(update, path, parsed_vulnerabilities);
    assert_int_equal(ret, 1);

    os_free(path);
    os_free(update);
    os_free(parsed_vulnerabilities);
}

void test_wm_vuldet_oval_process_xml_preparser_node_NULL_Debian(void **state)
{
    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);

    if(!update)
        return;

    XML_NODE node = NULL;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    char *path = NULL;

    update->dist_tag_ref = FEED_DEBIAN;

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5411): Starting preparse step of feed 'DEBIAN'");

    // open path
    os_strdup("test_path", path);
    expect_string(__wrap_fopen, path, path);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // open tmp_path
    expect_string(__wrap_fopen, path, VU_FIT_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "w");
    will_return(__wrap_fopen, 1);

    // Parsing XML
    // find oval definitions start
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<oval_definitions>");

    will_return(__wrap_fwrite, 1);

    // find oval definitions end
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "</oval_definitions>");

    will_return(__wrap_fwrite, 1);

    // end loop
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, NULL);

    // close opened files
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5412): Starting parse step of feed 'DEBIAN'");

    will_return(__wrap_OS_ReadXML, 1);

    will_return(__wrap_OS_GetElementsbyNode, node);

    int ret = wm_vuldet_oval_process(update, path, parsed_vulnerabilities);
    assert_int_equal(ret, 1);

    os_free(path);
    os_free(update);
    os_free(parsed_vulnerabilities);
}

void test_wm_vuldet_oval_process_xml_preparser_child_node_NULL_Ubuntu(void **state)
{
    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);

    if(!update)
        return;

    xml_node** node = NULL;
    os_calloc(1, sizeof(xml_node), node);

    xml_node** child_node = NULL;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    char *path = NULL;

    update->dist_tag_ref = FEED_UBUNTU;

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5411): Starting preparse step of feed 'UBUNTU'");

    // open path
    os_strdup("test_path", path);
    expect_string(__wrap_fopen, path, path);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // open tmp_path
    expect_string(__wrap_fopen, path, VU_FIT_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "w");
    will_return(__wrap_fopen, 1);

    // Parsing XML
    // find oval definitions start
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<oval_definitions>");

    will_return(__wrap_fwrite, 1);

    // find oval definitions end
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "</oval_definitions>");

    will_return(__wrap_fwrite, 1);

    // end loop
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, NULL);

    // close opened files
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5412): Starting parse step of feed 'UBUNTU'");

    will_return(__wrap_OS_ReadXML, 1);

    will_return(__wrap_OS_GetElementsbyNode, node);

    will_return(__wrap_OS_GetElementsbyNode, child_node);

    int ret = wm_vuldet_oval_process(update, path, parsed_vulnerabilities);
    assert_int_equal(ret, 1);

    os_free(path);
    os_free(update);
    os_free(parsed_vulnerabilities);
}

void test_wm_vuldet_oval_process_xml_preparser_child_node_NULL_Debian(void **state)
{
    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);

    if(!update)
        return;

    xml_node** node = NULL;
    os_calloc(1, sizeof(xml_node), node);

    xml_node** child_node = NULL;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    char *path = NULL;

    update->dist_tag_ref = FEED_DEBIAN;

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5411): Starting preparse step of feed 'DEBIAN'");

    // open path
    os_strdup("test_path", path);
    expect_string(__wrap_fopen, path, path);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // open tmp_path
    expect_string(__wrap_fopen, path, VU_FIT_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "w");
    will_return(__wrap_fopen, 1);

    // Parsing XML
    // find oval definitions start
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<oval_definitions>");

    will_return(__wrap_fwrite, 1);

    // find oval definitions end
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "</oval_definitions>");

    will_return(__wrap_fwrite, 1);

    // end loop
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, NULL);

    // close opened files
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5412): Starting parse step of feed 'DEBIAN'");

    will_return(__wrap_OS_ReadXML, 1);

    will_return(__wrap_OS_GetElementsbyNode, node);

    will_return(__wrap_OS_GetElementsbyNode, child_node);

    int ret = wm_vuldet_oval_process(update, path, parsed_vulnerabilities);
    assert_int_equal(ret, 1);

    os_free(path);
    os_free(update);
    os_free(parsed_vulnerabilities);
}

void test_wm_vuldet_oval_process_oval_xml_parser_invalid_Ubuntu(void **state)
{
    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);

    if(!update)
        return;

    xml_node** node = NULL;
    os_calloc(1, sizeof(xml_node), node);

    xml_node** child_node = NULL;

    os_calloc(2, sizeof(xml_node *), child_node);
    os_calloc(1, sizeof(xml_node), *child_node);
    os_strdup("definition", child_node[0]->element);

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    char *path = NULL;

    update->dist_tag_ref = FEED_UBUNTU;
    update->dist_ref = FEED_UBUNTU;

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5411): Starting preparse step of feed 'UBUNTU'");

    // open path
    os_strdup("test_path", path);
    expect_string(__wrap_fopen, path, path);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // open tmp_path
    expect_string(__wrap_fopen, path, VU_FIT_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "w");
    will_return(__wrap_fopen, 1);

    // Parsing XML
    // find oval definitions start
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<oval_definitions>");

    will_return(__wrap_fwrite, 1);

    // find oval definitions end
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "</oval_definitions>");

    will_return(__wrap_fwrite, 1);

    // end loop
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, NULL);

    // close opened files
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5412): Starting parse step of feed 'UBUNTU'");

    will_return(__wrap_OS_ReadXML, 1);

    will_return(__wrap_OS_GetElementsbyNode, node);

    will_return(__wrap_OS_GetElementsbyNode, child_node);

    //wm_vuldet_oval_xml_parser FAIL

    will_return(__wrap_OS_GetElementsbyNode, NULL);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(1230): Invalid element in the configuration: 'definition'.");

    int ret = wm_vuldet_oval_process(update, path, parsed_vulnerabilities);
    assert_int_equal(ret, 1);

    os_free(path);
    os_free(update);
    os_free(parsed_vulnerabilities);
}

void test_wm_vuldet_oval_process_oval_xml_parser_invalid_Debian(void **state)
{
    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);

    if(!update)
        return;

    xml_node** node = NULL;
    os_calloc(1, sizeof(xml_node), node);

    xml_node** child_node = NULL;

    os_calloc(2, sizeof(xml_node *), child_node);
    os_calloc(1, sizeof(xml_node), *child_node);
    os_strdup("definition", child_node[0]->element);

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    char *path = NULL;

    update->dist_tag_ref = FEED_DEBIAN;

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5411): Starting preparse step of feed 'DEBIAN'");

    // open path
    os_strdup("test_path", path);
    expect_string(__wrap_fopen, path, path);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // open tmp_path
    expect_string(__wrap_fopen, path, VU_FIT_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "w");
    will_return(__wrap_fopen, 1);

    // Parsing XML
    // find oval definitions start
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<oval_definitions>");

    will_return(__wrap_fwrite, 1);

    // find oval definitions end
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "</oval_definitions>");

    will_return(__wrap_fwrite, 1);

    // end loop
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, NULL);

    // close opened files
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5412): Starting parse step of feed 'DEBIAN'");

    will_return(__wrap_OS_ReadXML, 1);

    will_return(__wrap_OS_GetElementsbyNode, node);

    will_return(__wrap_OS_GetElementsbyNode, child_node);

    //wm_vuldet_oval_xml_parser FAIL

    will_return(__wrap_OS_GetElementsbyNode, NULL);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(1230): Invalid element in the configuration: 'definition'.");

    int ret = wm_vuldet_oval_process(update, path, parsed_vulnerabilities);
    assert_int_equal(ret, 1);

    os_free(path);
    os_free(update);
    os_free(parsed_vulnerabilities);
}

void test_wm_vuldet_oval_process_OK_Ubuntu(void **state)
{
    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);

    if(!update)
        return;

    xml_node** node = NULL;
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("id", node[0]->attributes[0]);
    os_strdup("id_value", node[0]->values[0]);
    os_strdup("linux-def:dpkginfo_object", node[0]->element);

    xml_node** child_node = NULL;
    os_calloc(1, sizeof(xml_node), child_node);

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    char *path = NULL;

    update->dist_tag_ref = FEED_UBUNTU;
    update->dist_ref = FEED_UBUNTU;

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5411): Starting preparse step of feed 'UBUNTU'");

    // open path
    os_strdup("test_path", path);
    expect_string(__wrap_fopen, path, path);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // open tmp_path
    expect_string(__wrap_fopen, path, VU_FIT_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "w");
    will_return(__wrap_fopen, 1);

    // Parsing XML
    // find oval definitions start
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<oval_definitions>");

    will_return(__wrap_fwrite, 1);

    // find oval definitions end
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "</oval_definitions>");

    will_return(__wrap_fwrite, 1);

    // end loop
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, NULL);

    // close opened files
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5412): Starting parse step of feed 'UBUNTU'");

    will_return(__wrap_OS_ReadXML, 1);

    will_return(__wrap_OS_GetElementsbyNode, node);

    will_return(__wrap_OS_GetElementsbyNode, child_node);

    //wm_vuldet_oval_xml_parser OK

    int ret = wm_vuldet_oval_process(update, path, parsed_vulnerabilities);
    assert_int_equal(ret, 0);

    os_free(path);
    os_free(update);
    os_free(parsed_vulnerabilities);
}

void test_wm_vuldet_oval_process_OK_Debian(void **state)
{
    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);

    if(!update)
        return;

    xml_node** node = NULL;
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("id", node[0]->attributes[0]);
    os_strdup("id_value", node[0]->values[0]);
    os_strdup("linux-def:dpkginfo_object", node[0]->element);

    xml_node** child_node = NULL;
    os_calloc(1, sizeof(xml_node), child_node);

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    char *path = NULL;

    update->dist_tag_ref = FEED_DEBIAN;

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5411): Starting preparse step of feed 'DEBIAN'");

    // open path
    os_strdup("test_path", path);
    expect_string(__wrap_fopen, path, path);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // open tmp_path
    expect_string(__wrap_fopen, path, VU_FIT_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "w");
    will_return(__wrap_fopen, 1);

    // Parsing XML
    // find oval definitions start
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "<oval_definitions>");

    will_return(__wrap_fwrite, 1);

    // find oval definitions end
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "</oval_definitions>");

    will_return(__wrap_fwrite, 1);

    // end loop
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, NULL);

    // close opened files
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, 1);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5412): Starting parse step of feed 'DEBIAN'");

    will_return(__wrap_OS_ReadXML, 1);

    will_return(__wrap_OS_GetElementsbyNode, node);

    will_return(__wrap_OS_GetElementsbyNode, child_node);

    //wm_vuldet_oval_xml_parser OK

    int ret = wm_vuldet_oval_process(update, path, parsed_vulnerabilities);
    assert_int_equal(ret, 0);

    os_free(path);
    os_free(update);
    os_free(parsed_vulnerabilities);
}

// wm_vuldet_oval_xml_parser

void test_wm_vuldet_oval_xml_parser_null_element()
{
    XML_NODE node = NULL;
    update_node *update = NULL;

    os_calloc(1, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(1, sizeof(update_node), update);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(1231): Invalid NULL element in the configuration.");

    int ret = wm_vuldet_oval_xml_parser(NULL, node, NULL, update, 0);

    assert_int_equal(ret, OS_INVALID);

    os_free(node[0]);
    os_free(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_invalid_element()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;

    os_calloc(1, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    node[0]->element = "linux-def:dpkginfo_state";

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    will_return(__wrap_OS_GetElementsbyNode, child_node);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(1230): Invalid element in the configuration: 'linux-def:dpkginfo_state'.");

    int ret = wm_vuldet_oval_xml_parser(NULL, node, NULL, update, 0);

    assert_int_equal(ret, OS_INVALID);

    os_free(node[0]);
    os_free(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_constant_invalid_element()
{
    XML_NODE node = NULL;
    update_node *update = NULL;

    os_calloc(1, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    node[0]->element = "constant_variable";

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    will_return(__wrap_OS_GetElementsbyNode, NULL);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(1230): Invalid element in the configuration: 'constant_variable'.");

    int ret = wm_vuldet_oval_xml_parser(NULL, node, NULL, update, 0);

    assert_int_equal(ret, OS_INVALID);

    os_free(node[0]);
    os_free(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_test_invalid_element()
{
    XML_NODE node = NULL;
    update_node *update = NULL;

    os_calloc(1, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    node[0]->element = "linux-def:dpkginfo_test";

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    will_return(__wrap_OS_GetElementsbyNode, NULL);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(1230): Invalid element in the configuration: 'linux-def:dpkginfo_test'.");

    int ret = wm_vuldet_oval_xml_parser(NULL, node, NULL, update, 0);

    assert_int_equal(ret, OS_INVALID);

    os_free(node[0]);
    os_free(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_invalid_element()
{
    XML_NODE node = NULL;
    update_node *update = NULL;

    os_calloc(1, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    node[0]->element = "linux-def:dpkginfo_object";

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    will_return(__wrap_OS_GetElementsbyNode, NULL);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(1230): Invalid element in the configuration: 'linux-def:dpkginfo_object'.");

    int ret = wm_vuldet_oval_xml_parser(NULL, node, NULL, update, 0);

    assert_int_equal(ret, OS_INVALID);

    os_free(node[0]);
    os_free(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_definition_invalid_element()
{
    XML_NODE node = NULL;
    update_node *update = NULL;

    os_calloc(1, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    node[0]->element = "definition";

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    will_return(__wrap_OS_GetElementsbyNode, NULL);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(1230): Invalid element in the configuration: 'definition'.");

    int ret = wm_vuldet_oval_xml_parser(NULL, node, NULL, update, 0);

    assert_int_equal(ret, OS_INVALID);

    os_free(node[0]);
    os_free(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_criteria_invalid_element()
{
    XML_NODE node = NULL;
    update_node *update = NULL;

    os_calloc(1, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    node[0]->element = "criteria";

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    will_return(__wrap_OS_GetElementsbyNode, NULL);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(1230): Invalid element in the configuration: 'criteria'.");

    int ret = wm_vuldet_oval_xml_parser(NULL, node, NULL, update, 0);

    assert_int_equal(ret, OS_INVALID);

    os_free(node[0]);
    os_free(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_other_invalid_element()
{
    XML_NODE node = NULL;
    update_node *update = NULL;

    os_calloc(1, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    node[0]->element = "generator";

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    will_return(__wrap_OS_GetElementsbyNode, NULL);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(1230): Invalid element in the configuration: 'generator'.");

    int ret = wm_vuldet_oval_xml_parser(NULL, node, NULL, update, 0);

    assert_int_equal(ret, OS_INVALID);

    os_free(node[0]);
    os_free(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_read_attribute()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);

    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("id", node[0]->attributes[0]);
    os_strdup("id_value", node[0]->values[0]);
    os_strdup("linux-def:dpkginfo_state", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    // Fake child so that the function can end with an error
    os_calloc(2, sizeof(xml_node *), child_node);
    os_calloc(1, sizeof(xml_node), *child_node);
    will_return(__wrap_OS_GetElementsbyNode, child_node);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(1231): Invalid NULL element in the configuration.");

    // call for node
    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);
    assert_ptr_not_equal(parsed_oval->info_states, NULL);

    os_free(parsed_oval->info_states->id);
    os_free(parsed_oval->info_states);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_constant_read_attribute()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("id", node[0]->attributes[0]);
    os_strdup("id_value", node[0]->values[0]);
    os_strdup("constant_variable", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    // Fake child
    os_calloc(2, sizeof(xml_node *), child_node);
    os_calloc(1, sizeof(xml_node), *child_node);
    os_calloc(2, sizeof(char *), child_node[0]->values);
    os_strdup("value", child_node[0]->element);
    os_strdup("id_value", child_node[0]->values[0]);
    os_strdup("id_value", child_node[0]->content);
    will_return(__wrap_OS_GetElementsbyNode, child_node);

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);
    assert_int_equal(parsed_oval->vars->elements, 1);

    os_free(parsed_oval->vars->id);
    os_free(parsed_oval->vars->values[0]);
    os_free(parsed_oval->vars->values);
    os_free(parsed_oval->vars);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_test_read_attribute()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("id", node[0]->attributes[0]);
    os_strdup("id_value", node[0]->values[0]);
    os_strdup("linux-def:dpkginfo_test", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    // Create a fake xml child node so that the function can end with an error
    os_calloc(2, sizeof(xml_node *), child_node);
    os_calloc(1, sizeof(xml_node), *child_node);
    will_return(__wrap_OS_GetElementsbyNode, child_node);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(1231): Invalid NULL element in the configuration.");

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->info_tests->id, node[0]->values[0]);

    os_free(parsed_oval->info_tests->id);
    os_free(parsed_oval->info_tests);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_read_attribute()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("id", node[0]->attributes[0]);
    os_strdup("id_value", node[0]->values[0]);
    os_strdup("linux-def:dpkginfo_object", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    // Create a fake xml child node so that the function can end with an error
    os_calloc(2, sizeof(xml_node *), child_node);
    os_calloc(1, sizeof(xml_node), *child_node);
    will_return(__wrap_OS_GetElementsbyNode, child_node);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(1231): Invalid NULL element in the configuration.");

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->info_objs->id, node[0]->values[0]);

    os_free(parsed_oval->info_objs->id);
    os_free(parsed_oval->info_objs);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_no_attribute()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("linux-def:dpkginfo_object", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    // Create a fake xml child node so that the function can end with an error
    os_calloc(2, sizeof(xml_node *), child_node);
    os_calloc(1, sizeof(xml_node), *child_node);
    will_return(__wrap_OS_GetElementsbyNode, child_node);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(1231): Invalid NULL element in the configuration.");

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, VU_PACKG);
    assert_int_equal(ret, 0);
    assert_null(parsed_oval->info_objs);

    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_no_vars()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(info_obj), parsed_oval->info_objs);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("id", node[0]->attributes[0]);
    os_strdup("id_value", node[0]->values[0]);
    os_strdup("linux-def:name", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5413): Invalid OVAL object type: 'Parameters 'var_check' and 'var_ref' were expected'");

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, VU_OBJ);
    assert_int_equal(ret, 0);
    assert_null(parsed_oval->info_objs->obj);

    os_free(parsed_oval->info_objs);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_valid_content()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(info_obj), parsed_oval->info_objs);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_strdup("linux-def:name", node[0]->element);
    os_strdup("id_content", node[0]->content);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, VU_OBJ);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->info_objs->obj, node[0]->content);

    os_free(parsed_oval->info_objs->obj);
    os_free(parsed_oval->info_objs);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_empty()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_strdup("linux-def:name", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5413): Invalid OVAL object type: 'Empty object'");

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, VU_OBJ);
    assert_int_equal(ret, 0);

    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_valid_vars()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(info_obj), parsed_oval->info_objs);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(3, sizeof(char *), node[0]->attributes);
    os_calloc(3, sizeof(char *), node[0]->values);
    os_strdup("var_check", node[0]->attributes[0]);
    os_strdup("var_ref", node[0]->attributes[1]);
    os_strdup("at least one", node[0]->values[0]);
    os_strdup("random-data-ref", node[0]->values[1]);
    os_strdup("linux-def:name", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, VU_OBJ);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->info_objs->obj, node[0]->values[1]);

    os_free(parsed_oval->info_objs->obj);
    os_free(parsed_oval->info_objs);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_invalid_vars()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(3, sizeof(char *), node[0]->attributes);
    os_calloc(3, sizeof(char *), node[0]->values);
    os_strdup("var_check", node[0]->attributes[0]);
    os_strdup("var_ref", node[0]->attributes[1]);
    os_strdup("at least three", node[0]->values[0]);
    os_strdup("random-data-ref", node[0]->values[1]);
    os_strdup("linux-def:name", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5413): Invalid OVAL object type: 'Unexpected var_check: 'at least three''");

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, VU_OBJ);
    assert_int_equal(ret, 0);

    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_xml_operation()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(info_state), parsed_oval->info_states);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("operation", node[0]->attributes[0]);
    os_strdup("content_value", node[0]->content);
    os_strdup("value", node[0]->values[0]);
    os_strdup("linux-def:evr", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, VU_OBJ);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->info_states->operation, node[0]->values[0]);
    assert_string_equal(parsed_oval->info_states->operation_value, node[0]->content);

    os_free(parsed_oval->info_states->operation_value);
    os_free(parsed_oval->info_states->operation);
    os_free(parsed_oval->info_states);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_xml_datatype()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(info_state), parsed_oval->info_states);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("datatype", node[0]->attributes[0]);
    os_strdup("content_value", node[0]->content);
    os_strdup("version", node[0]->values[0]);
    os_strdup("linux-def:evr", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, VU_OBJ);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->info_states->operation, vu_package_comp[VU_COMP_EQ]);
    assert_string_equal(parsed_oval->info_states->operation_value, node[0]->content);

    os_free(parsed_oval->info_states->operation_value);
    os_free(parsed_oval->info_states->operation);
    os_free(parsed_oval->info_states);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_state()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(info_test), parsed_oval->info_tests);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("value_data", node[0]->values[0]);
    os_strdup("state_ref", node[0]->attributes[0]);
    os_strdup("linux-def:state", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, VU_PACKG);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->info_tests->state, node[0]->values[0]);

    os_free(parsed_oval->info_tests->state);
    os_free(parsed_oval->info_tests);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_ref()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(info_test), parsed_oval->info_tests);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("value_data", node[0]->values[0]);
    os_strdup("object_ref", node[0]->attributes[0]);
    os_strdup("linux-def:object", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, VU_PACKG);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->info_tests->obj, node[0]->values[0]);

    os_free(parsed_oval->info_tests->obj);
    os_free(parsed_oval->info_tests);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_valid_definition()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("class", node[0]->attributes[0]);
    os_strdup("vulnerability", node[0]->values[0]);
    os_strdup("definition", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    // Create a fake xml child node so that the function can end with an error
    os_calloc(2, sizeof(xml_node *), child_node);
    os_calloc(1, sizeof(xml_node), *child_node);
    will_return(__wrap_OS_GetElementsbyNode, child_node);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(1231): Invalid NULL element in the configuration.");

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, OS_INVALID);
    assert_ptr_not_equal(parsed_oval->vulnerabilities, NULL);
    assert_ptr_not_equal(parsed_oval->info_cves, NULL);

    os_free(parsed_oval->vulnerabilities);
    os_free(parsed_oval->info_cves);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_reference_url()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(info_cve), parsed_oval->info_cves);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("ref_url", node[0]->attributes[0]);
    os_strdup("ref_value", node[0]->values[0]);
    os_strdup("reference", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->info_cves->refs->values[0], node[0]->values[0]);

    os_free(parsed_oval->info_cves->refs->values[0]);
    os_free(parsed_oval->info_cves->refs->values);
    os_free(parsed_oval->info_cves->refs);
    os_free(parsed_oval->info_cves);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_reference_id()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(info_cve), parsed_oval->info_cves);
    os_calloc(1, sizeof(vulnerability), parsed_oval->vulnerabilities);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("ref_id", node[0]->attributes[0]);
    os_strdup("CVE-1234-1234", node[0]->values[0]);
    os_strdup("reference", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->info_cves->cveid, node[0]->values[0]);
    assert_string_equal(parsed_oval->vulnerabilities->cve_id, node[0]->values[0]);

    os_free(parsed_oval->info_cves->cveid);
    os_free(parsed_oval->vulnerabilities->cve_id);
    os_free(parsed_oval->vulnerabilities);
    os_free(parsed_oval->info_cves);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_reference_id_cve_exists()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(info_cve), parsed_oval->info_cves);
    os_calloc(1, sizeof(vulnerability), parsed_oval->vulnerabilities);
    os_strdup("CVE-0123-0123", parsed_oval->vulnerabilities->cve_id);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("ref_id", node[0]->attributes[0]);
    os_strdup("CVE-1234-1234", node[0]->values[0]);
    os_strdup("reference", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->info_cves->prev->cveid, node[0]->values[0]);

    os_free(parsed_oval->info_cves->cveid);
    os_free(parsed_oval->vulnerabilities->cve_id);
    free_strarray(parsed_oval->vulnerabilities->rhsa_list);
    os_free(parsed_oval->vulnerabilities);
    os_free(parsed_oval->info_cves->prev->cveid);
    os_free(parsed_oval->info_cves->prev);
    os_free(parsed_oval->info_cves);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_title()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(info_cve), parsed_oval->info_cves);
    os_calloc(1, sizeof(vulnerability), parsed_oval->vulnerabilities);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("ref_id", node[0]->attributes[0]);
    os_strdup("ref_value", node[0]->values[0]);
    os_strdup("title_content", node[0]->content);
    os_strdup("title", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_DEBIAN;
    parsed_oval->OS = "BUSTER";

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->info_cves->title, node[0]->content);

    os_free(parsed_oval->info_cves->title);
    os_free(parsed_oval->vulnerabilities);
    os_free(parsed_oval->info_cves);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_invalid_criteria()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_strdup("criteria", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    // Fake child so that the function can end with an error
    os_calloc(2, sizeof(xml_node *), child_node);
    os_calloc(1, sizeof(xml_node), *child_node);
    will_return(__wrap_OS_GetElementsbyNode, child_node);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(1231): Invalid NULL element in the configuration.");

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, OS_INVALID);

    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_invalid_operator_OR()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("operator", node[0]->attributes[0]);
    os_strdup("OR", node[0]->values[0]);
    os_strdup("criteria", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    // Fake child so that the function can end with an error
    will_return(__wrap_OS_GetElementsbyNode, NULL);

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);

    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_invalid_child_operator_OR()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("operator", node[0]->attributes[0]);
    os_strdup("OR", node[0]->values[0]);
    os_strdup("criteria", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    // Fake child so that the function can end with an error
    os_calloc(2, sizeof(xml_node *), child_node);
    os_calloc(1, sizeof(xml_node), *child_node);
    will_return(__wrap_OS_GetElementsbyNode, child_node);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(1231): Invalid NULL element in the configuration.");

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, OS_INVALID);

    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_invalid_operator_AND()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("operator", node[0]->attributes[0]);
    os_strdup("AND", node[0]->values[0]);
    os_strdup("criteria", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    // Fake child so that the function can end with an error
    will_return(__wrap_OS_GetElementsbyNode, NULL);

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);

    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_invalid_child_operator_AND()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("operator", node[0]->attributes[0]);
    os_strdup("AND", node[0]->values[0]);
    os_strdup("criteria", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    // Fake child so that the function can end with an error
    os_calloc(2, sizeof(xml_node *), child_node);
    os_calloc(1, sizeof(xml_node), *child_node);
    will_return(__wrap_OS_GetElementsbyNode, child_node);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(1231): Invalid NULL element in the configuration.");

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, OS_INVALID);

    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_invalid_operator()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("operator", node[0]->attributes[0]);
    os_strdup("NOR", node[0]->values[0]);
    os_strdup("criteria", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5511): Invalid operator 'NOR'");

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, OS_INVALID);

    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_valid_operator_OR()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("operator", node[0]->attributes[0]);
    os_strdup("OR", node[0]->values[0]);
    os_strdup("criteria", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    // Fake child so that the function can end with an error
    os_calloc(2, sizeof(xml_node *), child_node);
    os_calloc(1, sizeof(xml_node), *child_node);
    os_strdup("random_junk", child_node[0]->element);
    will_return(__wrap_OS_GetElementsbyNode, child_node);

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);

    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_criteria_comment_invalid()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("comment", node[0]->attributes[0]);
    os_strdup("file version", node[0]->values[0]);
    os_strdup("criteria", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    will_return(__wrap_OS_GetElementsbyNode, NULL);

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);

    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_criteria_comment_invalid_child()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("comment", node[0]->attributes[0]);
    os_strdup("file version", node[0]->values[0]);
    os_strdup("criteria", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    // Fake child so that the function can end with an error
    os_calloc(2, sizeof(xml_node *), child_node);
    os_calloc(1, sizeof(xml_node), *child_node);
    will_return(__wrap_OS_GetElementsbyNode, child_node);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(1231): Invalid NULL element in the configuration.");

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, OS_INVALID);

    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_criterion_test_ref()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(vulnerability), parsed_oval->vulnerabilities);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(3, sizeof(char *), node[0]->attributes);
    os_calloc(3, sizeof(char *), node[0]->values);
    os_strdup("test_ref", node[0]->attributes[0]);
    os_strdup("test_ref", node[0]->attributes[1]);
    os_strdup("value_ref", node[0]->values[0]);
    os_strdup("value_ref1", node[0]->values[1]);
    os_strdup("criterion", node[0]->element);
    parsed_oval->vulnerabilities->cve_id = "CVE-id";

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);
    assert_string_equal(node[0]->values[1], parsed_oval->vulnerabilities->state_id);

    os_free(parsed_oval->vulnerabilities->prev->state_id);
    os_free(parsed_oval->vulnerabilities->state_id);
    os_free(parsed_oval->vulnerabilities->cve_id);
    os_free(parsed_oval->vulnerabilities->prev);
    os_free(parsed_oval->vulnerabilities);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_criterion_comment1()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(vulnerability), parsed_oval->vulnerabilities);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("comment", node[0]->attributes[0]);
    os_strdup("criterion", node[0]->element);
    os_strdup("while related to the CVE in some way, a decision has been made to ignore this issue", node[0]->values[0]);
    parsed_oval->vulnerabilities->state_id = "CVE-id";

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);
    assert_int_equal(parsed_oval->vulnerabilities->ignore, 1);

    os_free(parsed_oval->vulnerabilities);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_criterion_comment0()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(vulnerability), parsed_oval->vulnerabilities);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("comment", node[0]->attributes[0]);
    os_strdup("criterion", node[0]->element);
    os_strdup("else random", node[0]->values[0]);
    parsed_oval->vulnerabilities->state_id = "CVE-id";

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);
    assert_int_equal(parsed_oval->vulnerabilities->ignore, 0);

    os_free(parsed_oval->vulnerabilities);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_description()
{
    XML_NODE node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(info_cve), parsed_oval->info_cves);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_strdup("description-test", node[0]->content);
    os_strdup("description", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->info_cves->description, node[0]->content);

    os_free(parsed_oval->info_cves->description);
    os_free(parsed_oval->info_cves);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_product_version()
{
    XML_NODE node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_strdup("description-test", node[0]->content);
    os_strdup("oval:product_version", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->metadata.product_version, node[0]->content);

    os_free(parsed_oval->metadata.product_version);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_product_name()
{
    XML_NODE node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_strdup("description-test", node[0]->content);
    os_strdup("oval:product_name", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->metadata.product_name, node[0]->content);

    os_free(parsed_oval->metadata.product_name);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_product_timestamp()
{
    XML_NODE node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_strdup("description-test", node[0]->content);
    os_strdup("oval:timestamp", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->metadata.timestamp, node[0]->content);

    os_free(parsed_oval->metadata.timestamp);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_product_schemav()
{
    XML_NODE node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_strdup("description-test", node[0]->content);
    os_strdup("oval:schema_version", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->metadata.schema_version, node[0]->content);

    os_free(parsed_oval->metadata.schema_version);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_product_date()
{
    XML_NODE node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(info_cve), parsed_oval->info_cves);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_strdup("description-test", node[0]->content);
    os_strdup("date", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->info_cves->published, node[0]->content);

    os_free(parsed_oval->info_cves->published);
    os_free(parsed_oval->info_cves);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_product_public_date()
{
    XML_NODE node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(info_cve), parsed_oval->info_cves);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_strdup("description-test", node[0]->content);
    os_strdup("public_date", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->info_cves->published, node[0]->content);

    os_free(parsed_oval->info_cves->published);
    os_free(parsed_oval->info_cves);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_product_bug()
{
    XML_NODE node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(info_cve), parsed_oval->info_cves);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_strdup("description-test", node[0]->content);
    os_strdup("bug", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->info_cves->bugzilla_references->values[0], node[0]->content);

    os_free(parsed_oval->info_cves->bugzilla_references->values[0]);
    os_free(parsed_oval->info_cves->bugzilla_references->values);
    os_free(parsed_oval->info_cves->bugzilla_references);
    os_free(parsed_oval->info_cves);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_product_ref()
{
    XML_NODE node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(info_cve), parsed_oval->info_cves);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_strdup("description-test", node[0]->content);
    os_strdup("ref", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->info_cves->refs->values[0], node[0]->content);

    os_free(parsed_oval->info_cves->refs->values[0]);
    os_free(parsed_oval->info_cves->refs->values);
    os_free(parsed_oval->info_cves->refs);
    os_free(parsed_oval->info_cves);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_updated()
{
    XML_NODE node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(info_cve), parsed_oval->info_cves);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("updated", node[0]->element);
    os_strdup("date", node[0]->attributes[0]);
    os_strdup("value_data", node[0]->values[0]);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->info_cves->updated, node[0]->values[0]);

    os_free(parsed_oval->info_cves->updated);
    os_free(parsed_oval->info_cves);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_severity()
{
    XML_NODE node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(info_cve), parsed_oval->info_cves);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_strdup("description-test", node[0]->content);
    os_strdup("severity", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->info_cves->severity, node[0]->content);

    os_free(parsed_oval->info_cves->severity);
    os_free(parsed_oval->info_cves);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_null_severity()
{
    XML_NODE node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(info_cve), parsed_oval->info_cves);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(1, 1, node[0]->content);
    os_strdup("severity", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);
    assert_null(parsed_oval->info_cves->severity);

    os_free(parsed_oval->info_cves->severity);
    os_free(parsed_oval->info_cves);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_other_invalid()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);

    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("attrb", node[0]->attributes[0]);
    os_strdup("value", node[0]->values[0]);
    os_strdup("generator", node[0]->element);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;

    // Fake child so that the function can end with an error
    os_calloc(2, sizeof(xml_node *), child_node);
    os_calloc(1, sizeof(xml_node), *child_node);
    will_return(__wrap_OS_GetElementsbyNode, child_node);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(1231): Invalid NULL element in the configuration.");

    // call for node
    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, OS_INVALID);

    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_redhat_state()
{
    XML_NODE node = NULL;
    update_node *update = NULL;

    os_calloc(1, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    node[0]->element = "red-def:rpminfo_state";

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_REDHAT;

    will_return(__wrap_OS_GetElementsbyNode, NULL);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(1230): Invalid element in the configuration: 'red-def:rpminfo_state'.");

    int ret = wm_vuldet_oval_xml_parser(NULL, node, NULL, update, 0);

    assert_int_equal(ret, OS_INVALID);

    os_free(node[0]);
    os_free(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_redhat_test()
{
    XML_NODE node = NULL;
    update_node *update = NULL;

    os_calloc(1, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    node[0]->element = "red-def:rpminfo_test";

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_REDHAT;

    will_return(__wrap_OS_GetElementsbyNode, NULL);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(1230): Invalid element in the configuration: 'red-def:rpminfo_test'.");

    int ret = wm_vuldet_oval_xml_parser(NULL, node, NULL, update, 0);

    assert_int_equal(ret, OS_INVALID);

    os_free(node[0]);
    os_free(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_redhat_object()
{
    XML_NODE node = NULL;
    update_node *update = NULL;

    os_calloc(1, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    node[0]->element = "red-def:rpminfo_object";

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_REDHAT;

    will_return(__wrap_OS_GetElementsbyNode, NULL);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(1230): Invalid element in the configuration: 'red-def:rpminfo_object'.");

    int ret = wm_vuldet_oval_xml_parser(NULL, node, NULL, update, 0);

    assert_int_equal(ret, OS_INVALID);

    os_free(node[0]);
    os_free(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_redhat_object_valid_content()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(info_obj), parsed_oval->info_objs);

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_strdup("red-def:name", node[0]->element);
    os_strdup("id_content", node[0]->content);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_REDHAT;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, VU_OBJ);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->info_objs->obj, node[0]->content);

    os_free(parsed_oval->info_objs->obj);
    os_free(parsed_oval->info_objs);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_redhat_rhel5_invalid_target()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(info_state), parsed_oval->info_states);
    parsed_oval->info_states->id = NULL;
    parsed_oval->info_states->prev = NULL;

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("red-def:evr", node[0]->element);
    os_strdup("test-0:23.1.el7", node[0]->content);
    os_strdup("operation", node[0]->attributes[0]);
    os_strdup("less than", node[0]->values[0]);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_REDHAT;
    update->dist_tag_ref = FEED_RHEL5;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);

    os_free(parsed_oval->info_states);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_rhel_architecture_equals()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(info_state), parsed_oval->info_states);
    parsed_oval->info_states->id = NULL;
    parsed_oval->info_states->prev = NULL;

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("red-def:arch", node[0]->element);
    os_strdup("x86_64", node[0]->content);
    os_strdup("operation", node[0]->attributes[0]);
    os_strdup("equals", node[0]->values[0]);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_REDHAT;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->info_states->arch[0], node[0]->content);

    os_free(parsed_oval->info_states->arch[0]);
    os_free(parsed_oval->info_states->arch);
    os_free(parsed_oval->info_states);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_rhel_architecture_pattern()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(info_state), parsed_oval->info_states);
    parsed_oval->info_states->id = NULL;
    parsed_oval->info_states->prev = NULL;

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("red-def:arch", node[0]->element);
    os_strdup("x86_64|i386|aarch64", node[0]->content);
    os_strdup("operation", node[0]->attributes[0]);
    os_strdup("pattern match", node[0]->values[0]);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_REDHAT;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->info_states->arch[0], "x86_64");
    assert_string_equal(parsed_oval->info_states->arch[1], "i386");
    assert_string_equal(parsed_oval->info_states->arch[2], "aarch64");

    for (int i = 0; parsed_oval->info_states->arch[i]; i++) {
        os_free(parsed_oval->info_states->arch[i]);
    }
    os_free(parsed_oval->info_states->arch);
    os_free(parsed_oval->info_states);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

void test_wm_vuldet_oval_xml_parser_rhel_architecture_noarch()
{
    XML_NODE node = NULL;
    XML_NODE child_node = NULL;
    update_node *update = NULL;
    wm_vuldet_db *parsed_oval = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    os_calloc(1, sizeof(info_state), parsed_oval->info_states);
    parsed_oval->info_states->id = NULL;
    parsed_oval->info_states->prev = NULL;

    //create xml node
    os_calloc(2, sizeof(xml_node *), node);
    os_calloc(1, sizeof(xml_node), *node);
    os_calloc(2, sizeof(char *), node[0]->attributes);
    os_calloc(2, sizeof(char *), node[0]->values);
    os_strdup("red-def:arch", node[0]->element);
    os_strdup("N/A", node[0]->content);
    os_strdup("datatype", node[0]->attributes[0]);
    os_strdup("string", node[0]->values[0]);

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_REDHAT;

    int ret = wm_vuldet_oval_xml_parser(NULL, node, parsed_oval, update, 0);
    assert_int_equal(ret, 0);
    assert_string_equal(parsed_oval->info_states->arch[0], "noarch");

    os_free(parsed_oval->info_states->arch[0]);
    os_free(parsed_oval->info_states->arch);
    os_free(parsed_oval->info_states);
    os_free(parsed_oval);
    OS_ClearNode(node);
    os_free(update);
}

/* Tests wm_vuldet_json_parser */

void test_wm_vuldet_json_parser_file_content_NULL(void **state)
{
    char *json_path = "/test";

    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_NVD;
    update->dist_ext = "Windows";

    if(!update)
        return;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    expect_string(__wrap_w_uncompress_bz2_gz_file, path, "/test");
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_FIT_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, OS_SUCCESS);

    will_return(__wrap_w_get_file_content, NULL);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5523): Couldn't get the content of the 'Windows' feed from '/test' file.");

    int ret = wm_vuldet_json_parser(json_path, parsed_vulnerabilities, update);

    assert_int_equal(ret,OS_INVALID);

    os_free(update);
    os_free(parsed_vulnerabilities);

}

void test_wm_vuldet_json_parser_json_nvd_parser_NULL(void **state)
{
    char *json_path = "/test";

    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_NVD;
    update->dist_ext = "Windows";

    if(!update)
        return;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    char *content = NULL;
    os_strdup("test", content);

    expect_string(__wrap_w_uncompress_bz2_gz_file, path, "/test");
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_FIT_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    will_return(__wrap_w_get_file_content, content);

    will_return(__wrap_wm_vuldet_json_nvd_parser, OS_INVALID);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5524): The 'Windows' feed couldn't be parsed from '/test' file.");

    int ret = wm_vuldet_json_parser(json_path, parsed_vulnerabilities, update);

    assert_int_equal(ret,OS_INVALID);

    os_free(update);
    os_free(parsed_vulnerabilities);
}

void test_wm_vuldet_json_parser_json_fread_NULL(void **state)
{
    char *json_path = VU_DEB_TEMP_FILE;

    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_DEBIAN;
    update->dist_ext = "Debian";

    if(!update)
        return;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    char *content = NULL;
    os_strdup("test", content);

    // extracting file
    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_FIT_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 0);

    // at wm_vuldet_json_fread
    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_FIT_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, OS_INVALID);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5524): The 'Debian' feed couldn't be parsed from 'tmp/vuln-temp-deb' file.");

    int ret = wm_vuldet_json_parser(json_path, parsed_vulnerabilities, update);

    assert_int_equal(ret,OS_INVALID);

    os_free(update);
    os_free(parsed_vulnerabilities);
    os_free(content);

}

void test_wm_vuldet_json_parser_feed_redhat(void **state)
{
    char *json_path = VU_FIT_TEMP_FILE;

    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_JREDHAT;
    update->dist_ext = "Red Hat";

    cJSON* rhfeed = __real_cJSON_Parse(redhat_feed_mock_no_bz);

    if (!rhfeed)
        return;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        __real_cJSON_Delete(rhfeed);
        return;
    }

    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_FIT_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_FIT_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    // reading json

    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_FIT_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    expect_string(__wrap_json_fread, path, VU_FIT_TEMP_FILE);
    will_return(__wrap_json_fread, rhfeed);

    expect_function_call(__wrap_cJSON_Delete);

    // wm_vuldet_json_rh_parser
    will_return(__wrap_time, (time_t)1);

    struct tm *tm_time = NULL;
    os_calloc(1, sizeof(struct tm), tm_time);

    if(!tm_time) {
        __real_cJSON_Delete(rhfeed);
        return;
    }

    will_return(__wrap_localtime, tm_time);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5410): Unexpected JSON key: 'dummy-key'");
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5563): Null elements needing value have been found in a node of the feed. The update will not continue.");

    int ret = wm_vuldet_json_parser(json_path, parsed_vulnerabilities, update);

    assert_int_equal(ret, OS_INVALID);

    os_free(parsed_vulnerabilities);
    os_free(update);
    __real_cJSON_Delete(rhfeed);
    os_free(tm_time);

}

void test_wm_vuldet_json_parser_json_wcpe_parser(void **state)
{
    char *json_path = VU_DEB_TEMP_FILE;

    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_CPEW;
    update->dist_ext = "Test CPEW";

    if(!update)
        return;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    //test_wm_vuldet_json_fread_not_compressed_ok
    cJSON* content = (cJSON *)1;

    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_FIT_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 0);

    // reading json

    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_FIT_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    expect_string(__wrap_json_fread, path, VU_FIT_TEMP_FILE);
    will_return(__wrap_json_fread, content);

    will_return(__wrap_cJSON_GetObjectItem, NULL);

    expect_function_call(__wrap_cJSON_Delete);

    int ret = wm_vuldet_json_parser(json_path, parsed_vulnerabilities, update);

    assert_int_equal(ret, OS_INVALID);

    os_free(parsed_vulnerabilities);
    os_free(update);

}

void test_wm_vuldet_json_parser_json_msu_parser(void **state)
{
    char *json_path = VU_DEB_TEMP_FILE;

    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_MSU;
    update->dist_ext = "Test MSU";

    if(!update)
        return;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    //test_wm_vuldet_json_fread_not_compressed_ok
    cJSON* content = (cJSON *)1;

    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_FIT_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 0);

    // reading json

    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_FIT_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    expect_string(__wrap_json_fread, path, VU_FIT_TEMP_FILE);
    will_return(__wrap_json_fread, content);

    will_return(__wrap_cJSON_GetObjectItem, NULL);

    will_return(__wrap_cJSON_GetObjectItem, NULL);

    expect_function_call(__wrap_cJSON_Delete);

    int ret = wm_vuldet_json_parser(json_path, parsed_vulnerabilities, update);

    assert_int_equal(ret, OS_SUCCESS);

    os_free(parsed_vulnerabilities);
    os_free(update);
}

void test_wm_vuldet_json_parser_json_unknown(void **state)
{
    char *json_path = VU_DEB_TEMP_FILE;

    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UNKNOWN;
    update->dist_ext = "Test UNKNOWN";

    if(!update)
        return;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    //test_wm_vuldet_json_fread_not_compressed_ok
    cJSON* content = (cJSON *)1;

    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_FIT_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 0);

    // reading json

    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_FIT_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    expect_string(__wrap_json_fread, path, VU_FIT_TEMP_FILE);
    will_return(__wrap_json_fread, content);

    expect_function_call(__wrap_cJSON_Delete);

    int ret = wm_vuldet_json_parser(json_path, parsed_vulnerabilities, update);

    assert_int_equal(ret, OS_INVALID);

    os_free(parsed_vulnerabilities);
    os_free(update);
}

/* wm_vuldet_index_debian */

void test_wm_vuldet_index_debian_fail_debian_feed(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    char *target = NULL;
    update_node *update;
    os_calloc(1, sizeof(update_node), update);
    update->timeout = 30;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5420): Indexing vulnerabilities from the Debian Security Tracker.");

    // opening file
    expect_string(__wrap_fopen, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, NULL);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5436): Fetching Debian Security Tracker from 'https://security-tracker.debian.org/tracker/data/json'");

    //for attempts == WM_VULNDETECTOR_DOWN_ATTEMPTS
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, DEBIAN_REPO_STATUS);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_DEB_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, 30);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, 1);
    expect_string(__wrap__mdebug1, formatted_msg, "(5405): The download cannot be completed. Retrying in '0' seconds.");
    expect_value(__wrap_sleep, seconds, 0);

    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, DEBIAN_REPO_STATUS);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_DEB_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, 30);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, 1);
    expect_string(__wrap__mdebug1, formatted_msg, "(5405): The download cannot be completed. Retrying in '1' seconds.");
    expect_value(__wrap_sleep, seconds, 1);

    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, DEBIAN_REPO_STATUS);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_DEB_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, 30);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, 1);
    expect_string(__wrap__mdebug1, formatted_msg, "(5405): The download cannot be completed. Retrying in '2' seconds.");
    expect_value(__wrap_sleep, seconds, 2);

    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, DEBIAN_REPO_STATUS);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_DEB_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, 30);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, 1);
    expect_string(__wrap__mdebug1, formatted_msg, "(5405): The download cannot be completed. Retrying in '3' seconds.");
    expect_value(__wrap_sleep, seconds, 3);

    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, DEBIAN_REPO_STATUS);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_DEB_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, 30);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, 1);
    expect_string(__wrap__mdebug1, formatted_msg, "(5405): The download cannot be completed. Retrying in '4' seconds.");
    expect_value(__wrap_sleep, seconds, 4);

    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, DEBIAN_REPO_STATUS);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_DEB_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, 30);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, 1);

    // Logging warn and going to end
    expect_string(__wrap__mtwarn, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtwarn, formatted_msg, "(5583): Couldn't get the Debian feed 'https://security-tracker.debian.org/tracker/data/json' to check the vulnerable packages.");

    int ret = wm_vuldet_index_debian(db, target, update);

    assert_int_equal(ret, 0);
    os_free(update);
}

void test_wm_vuldet_index_debian_package_json_NULL(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    char *target = "test";
    update_node *update;
    os_calloc(1, sizeof(update_node), update);
    update->timeout = 0;

    cJSON* content = (cJSON *)*state;
    cJSON* package_json = NULL;
    content->child = package_json;
    content->next = NULL;

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5420): Indexing vulnerabilities from the Debian Security Tracker.");

    // opening file
    expect_string(__wrap_fopen, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5436): Fetching Debian Security Tracker from 'tmp/vuln-temp-deb'");

    // closing file
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, OS_SUCCESS);

    // reading json
    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    expect_string(__wrap_json_fread, path, VU_DEB_TEMP_FILE);
    will_return(__wrap_json_fread, content);

    expect_function_call(__wrap_cJSON_Delete);

    int ret = wm_vuldet_index_debian(db, target, update);

    assert_int_equal(ret, 0);
    os_free(update);

}

void test_wm_vuldet_index_debian_cve_json_NULL(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    char *target = "test";
    update_node *update;
    os_calloc(1, sizeof(update_node), update);
    update->timeout = 0;

    cJSON* content = (cJSON *)*state;
    cJSON* package_json = __real_cJSON_CreateObject();
    cJSON* cve_json = NULL;
    content->child = package_json;
    package_json->child = cve_json;
    content->next = NULL;
    package_json->next = NULL;
    os_strdup("test_pkg", package_json->string);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5420): Indexing vulnerabilities from the Debian Security Tracker.");

    // opening file
    expect_string(__wrap_fopen, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // closing file
    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5436): Fetching Debian Security Tracker from 'tmp/vuln-temp-deb'");
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, OS_SUCCESS);

    // reading json
    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    expect_string(__wrap_json_fread, path, VU_DEB_TEMP_FILE);
    will_return(__wrap_json_fread, content);

    expect_function_call(__wrap_cJSON_Delete);

    int ret = wm_vuldet_index_debian(db, target, update);

    assert_int_equal(ret, 0);
    os_free(update);

}

void test_wm_vuldet_index_debian_cve_json_temp(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    char *target = "test";
    update_node *update;
    os_calloc(1, sizeof(update_node), update);
    update->timeout = 0;

    cJSON* content = (cJSON *)*state;
    cJSON* package_json = __real_cJSON_CreateObject();
    cJSON* cve_json = __real_cJSON_CreateObject();
    cJSON* releases_json = NULL;
    content->child = package_json;
    package_json->child = cve_json;
    cve_json->child = releases_json;
    content->next = NULL;
    package_json->next = NULL;
    cve_json->next = NULL;
    os_strdup("test_pkg", package_json->string);
    os_strdup("TEMP-000", cve_json->string);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5420): Indexing vulnerabilities from the Debian Security Tracker.");

    // opening file
    expect_string(__wrap_fopen, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // closing file
    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5436): Fetching Debian Security Tracker from 'tmp/vuln-temp-deb'");
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, OS_SUCCESS);

    // reading json
    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    expect_string(__wrap_json_fread, path, VU_DEB_TEMP_FILE);
    will_return(__wrap_json_fread, content);

    expect_function_call(__wrap_cJSON_Delete);

    int ret = wm_vuldet_index_debian(db, target, update);

    assert_int_equal(ret, 0);
    os_free(update);

}

void test_wm_vuldet_index_debian_releases_json_NULL(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    char *target = "test";
    update_node *update;
    os_calloc(1, sizeof(update_node), update);
    update->timeout = 0;

    cJSON* content = (cJSON *)*state;
    cJSON* package_json = __real_cJSON_CreateObject();
    cJSON* cve_json = __real_cJSON_CreateObject();
    cJSON* releases_json = NULL;
    content->child = package_json;
    package_json->child = cve_json;
    cve_json->child = releases_json;
    content->next = NULL;
    package_json->next = NULL;
    cve_json->next = NULL;
    os_strdup("test_pkg", package_json->string);
    os_strdup("CVE-000", cve_json->string);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5420): Indexing vulnerabilities from the Debian Security Tracker.");

    // opening file
    expect_string(__wrap_fopen, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // closing file
    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5436): Fetching Debian Security Tracker from 'tmp/vuln-temp-deb'");
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, OS_SUCCESS);

    // reading json
    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    expect_string(__wrap_json_fread, path, VU_DEB_TEMP_FILE);
    will_return(__wrap_json_fread, content);

    //while
    will_return(__wrap_cJSON_GetObjectItem, releases_json);

    expect_function_call(__wrap_cJSON_Delete);

    int ret = wm_vuldet_index_debian(db, target, update);

    assert_int_equal(ret, 0);
    os_free(update);

}

void test_wm_vuldet_index_debian_target_json_NULL(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    char *target = "test";
    update_node *update;
    os_calloc(1, sizeof(update_node), update);
    update->timeout = 0;

    cJSON* content = (cJSON *)*state;
    cJSON* package_json = __real_cJSON_CreateObject();
    cJSON* cve_json = __real_cJSON_CreateObject();
    cJSON* releases_json = __real_cJSON_CreateObject();
    cJSON* target_json = NULL;
    content->child = package_json;
    package_json->child = cve_json;
    cve_json->child = releases_json;
    content->next = NULL;
    package_json->next = NULL;
    cve_json->next = NULL;
    os_strdup("test_pkg", package_json->string);
    os_strdup("CVE-000", cve_json->string);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5420): Indexing vulnerabilities from the Debian Security Tracker.");

    // opening file
    expect_string(__wrap_fopen, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // closing file
    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5436): Fetching Debian Security Tracker from 'tmp/vuln-temp-deb'");
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, OS_SUCCESS);

    // reading json
    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    expect_string(__wrap_json_fread, path, VU_DEB_TEMP_FILE);
    will_return(__wrap_json_fread, content);

    //while
    will_return(__wrap_cJSON_GetObjectItem, releases_json);
    will_return(__wrap_cJSON_GetObjectItem, target_json);

    expect_function_call(__wrap_cJSON_Delete);

    int ret = wm_vuldet_index_debian(db, target, update);

    assert_int_equal(ret, 0);
    os_free(update);

}

void test_wm_vuldet_index_debian_prepare_error(void **state)
{
    sqlite3 *db = (sqlite3 *)1;
    char *target = NULL;
    update_node *update;
    os_calloc(1, sizeof(update_node), update);
    update->timeout = 0;

    cJSON* content = (cJSON *)*state;
    cJSON* package_json = __real_cJSON_CreateObject();
    cJSON* cve_json = __real_cJSON_CreateObject();
    cJSON* releases_json = __real_cJSON_CreateObject();
    cJSON* target_json = __real_cJSON_CreateObject();
    cJSON* status_json = NULL;
    cJSON* version_json = NULL;
    cJSON* urgency_json = NULL;
    cJSON* reason_json = NULL;
    content->child = package_json;
    package_json->child = cve_json;
    cve_json->child = releases_json;
    content->next = NULL;
    package_json->next = NULL;
    cve_json->next = NULL;
    releases_json->next = target_json;
    os_strdup("test_pkg", package_json->string);
    os_strdup("CVE-000", cve_json->string);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5420): Indexing vulnerabilities from the Debian Security Tracker.");

    // opening file
    expect_string(__wrap_fopen, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // closing file
    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5436): Fetching Debian Security Tracker from 'tmp/vuln-temp-deb'");
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, OS_SUCCESS);

    // reading json
    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    expect_string(__wrap_json_fread, path, VU_DEB_TEMP_FILE);
    will_return(__wrap_json_fread, content);

    //while
    will_return(__wrap_cJSON_GetObjectItem, releases_json);
    will_return(__wrap_cJSON_GetObjectItem, target_json);
    will_return(__wrap_cJSON_GetObjectItem, status_json);
    will_return(__wrap_cJSON_GetObjectItem, version_json);
    will_return(__wrap_cJSON_GetObjectItem, urgency_json);
    will_return(__wrap_cJSON_GetObjectItem, reason_json);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);

    expect_function_call(__wrap_cJSON_Delete);

    will_return(__wrap_sqlite3_errmsg, "error");

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");

    will_return(__wrap_sqlite3_close_v2, SQLITE_OK);

    int ret = wm_vuldet_index_debian(db, target, update);

    assert_int_equal(ret, -1);
    os_free(update);

}

void test_wm_vuldet_index_debian_step_error(void **state)
{
    char *version_null = "0:0";
    char *operation = "less than";

    sqlite3 *db = (sqlite3 *)1;
    char *target = "test";
    update_node *update;
    os_calloc(1, sizeof(update_node), update);
    update->timeout = 0;

    cJSON* content = (cJSON *)*state;
    cJSON* package_json = __real_cJSON_CreateObject();
    cJSON* cve_json = __real_cJSON_CreateObject();
    cJSON* releases_json = __real_cJSON_CreateObject();
    cJSON* target_json = __real_cJSON_CreateObject();
    cJSON* status_json = NULL;
    cJSON* version_json = NULL;
    cJSON* urgency_json = NULL;
    cJSON* reason_json = NULL;
    content->child = package_json;
    package_json->child = cve_json;
    cve_json->child = releases_json;
    content->next = NULL;
    package_json->next = NULL;
    cve_json->next = NULL;
    releases_json->next = target_json;
    os_strdup("test_pkg", package_json->string);
    os_strdup("CVE-000", cve_json->string);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5420): Indexing vulnerabilities from the Debian Security Tracker.");

    // opening file
    expect_string(__wrap_fopen, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // closing file
    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5436): Fetching Debian Security Tracker from 'tmp/vuln-temp-deb'");
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, OS_SUCCESS);

    // reading json
    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    expect_string(__wrap_json_fread, path, VU_DEB_TEMP_FILE);
    will_return(__wrap_json_fread, content);

    //while
    will_return(__wrap_cJSON_GetObjectItem, releases_json);
    will_return(__wrap_cJSON_GetObjectItem, target_json);
    will_return(__wrap_cJSON_GetObjectItem, status_json);
    will_return(__wrap_cJSON_GetObjectItem, version_json);
    will_return(__wrap_cJSON_GetObjectItem, urgency_json);
    will_return(__wrap_cJSON_GetObjectItem, reason_json);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-000");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "test");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 4);
    expect_string(__wrap_sqlite3_bind_text, buffer, "test_pkg");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 5);
    expect_string(__wrap_sqlite3_bind_text, buffer, operation);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 6);
    expect_string(__wrap_sqlite3_bind_text, buffer, version_null);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_int, index, 7);
    expect_value(__wrap_sqlite3_bind_int, value, 0);
    will_return(__wrap_sqlite3_bind_int, 0);

    expect_value(__wrap_sqlite3_bind_int, index, 8);
    expect_value(__wrap_sqlite3_bind_int, value, 0);
    will_return(__wrap_sqlite3_bind_int, 0);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_function_call(__wrap_cJSON_Delete);

    will_return(__wrap_sqlite3_errmsg, "error");

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");

    will_return(__wrap_sqlite3_close_v2, SQLITE_ERROR);

    int ret = wm_vuldet_index_debian(db, target, update);

    assert_int_equal(ret, -1);
    os_free(update);

}

void test_wm_vuldet_index_debian_unfixed(void **state)
{
    char *version_null = "0:0";
    char *operation = "less than";
    int ignore = 0;

    sqlite3 *db = (sqlite3 *)1;
    char *target = "test";
    update_node *update;
    os_calloc(1, sizeof(update_node), update);
    update->timeout = 0;

    cJSON* content = (cJSON *)*state;
    cJSON* package_json = __real_cJSON_CreateObject();
    cJSON* cve_json = __real_cJSON_CreateObject();
    cJSON* releases_json = __real_cJSON_CreateObject();
    cJSON* target_json = __real_cJSON_CreateObject();
    cJSON* status_json = __real_cJSON_CreateObject();
    cJSON* version_json = NULL;
    cJSON* urgency_json = NULL;
    cJSON* reason_json = NULL;
    content->child = package_json;
    package_json->child = cve_json;
    cve_json->child = releases_json;
    content->next = NULL;
    package_json->next = NULL;
    cve_json->next = NULL;
    releases_json->next = target_json;
    target_json->next = status_json;
    os_strdup("test_pkg", package_json->string);
    os_strdup("CVE-000", cve_json->string);
    os_strdup("open", status_json->valuestring);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5420): Indexing vulnerabilities from the Debian Security Tracker.");

    // opening file
    expect_string(__wrap_fopen, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // closing file
    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5436): Fetching Debian Security Tracker from 'tmp/vuln-temp-deb'");
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, OS_SUCCESS);

    // reading json
    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    expect_string(__wrap_json_fread, path, VU_DEB_TEMP_FILE);
    will_return(__wrap_json_fread, content);

    //while
    will_return(__wrap_cJSON_GetObjectItem, releases_json);
    will_return(__wrap_cJSON_GetObjectItem, target_json);
    will_return(__wrap_cJSON_GetObjectItem, status_json);
    will_return(__wrap_cJSON_GetObjectItem, version_json);
    will_return(__wrap_cJSON_GetObjectItem, urgency_json);
    will_return(__wrap_cJSON_GetObjectItem, reason_json);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-000");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "test");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 4);
    expect_string(__wrap_sqlite3_bind_text, buffer, "test_pkg");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 5);
    expect_string(__wrap_sqlite3_bind_text, buffer, operation);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 6);
    expect_string(__wrap_sqlite3_bind_text, buffer, version_null);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_int, index, 7);
    expect_value(__wrap_sqlite3_bind_int, value, 0);
    will_return(__wrap_sqlite3_bind_int, 0);

    expect_value(__wrap_sqlite3_bind_int, index, 8);
    expect_value(__wrap_sqlite3_bind_int, value, ignore);
    will_return(__wrap_sqlite3_bind_int, 0);

    expect_sqlite3_step_call(SQLITE_DONE);

    expect_function_call(__wrap_cJSON_Delete);

    int ret = wm_vuldet_index_debian(db, target, update);

    assert_int_equal(ret, 0);
    os_free(update);

}

void test_wm_vuldet_index_debian_fixed(void **state)
{
    char *operation = "less than";
    int ignore = 0;

    sqlite3 *db = (sqlite3 *)1;
    char *target = "test";
    update_node *update;
    os_calloc(1, sizeof(update_node), update);
    update->timeout = 0;

    cJSON* content = (cJSON *)*state;
    cJSON* package_json = __real_cJSON_CreateObject();
    cJSON* cve_json = __real_cJSON_CreateObject();
    cJSON* releases_json = __real_cJSON_CreateObject();
    cJSON* target_json = __real_cJSON_CreateObject();
    cJSON* status_json = __real_cJSON_CreateObject();
    cJSON* version_json = __real_cJSON_CreateObject();
    cJSON* urgency_json = NULL;
    cJSON* reason_json = NULL;
    content->child = package_json;
    package_json->child = cve_json;
    cve_json->child = releases_json;
    content->next = NULL;
    package_json->next = NULL;
    cve_json->next = NULL;
    releases_json->next = target_json;
    target_json->next = status_json;
    status_json->next = version_json;
    os_strdup("test_pkg", package_json->string);
    os_strdup("CVE-000", cve_json->string);
    os_strdup("resolved", status_json->valuestring);
    os_strdup("1:2.3-4", version_json->valuestring);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5420): Indexing vulnerabilities from the Debian Security Tracker.");

    // opening file
    expect_string(__wrap_fopen, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // closing file
    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5436): Fetching Debian Security Tracker from 'tmp/vuln-temp-deb'");
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, OS_SUCCESS);

    // reading json
    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    expect_string(__wrap_json_fread, path, VU_DEB_TEMP_FILE);
    will_return(__wrap_json_fread, content);

    //while
    will_return(__wrap_cJSON_GetObjectItem, releases_json);
    will_return(__wrap_cJSON_GetObjectItem, target_json);
    will_return(__wrap_cJSON_GetObjectItem, status_json);
    will_return(__wrap_cJSON_GetObjectItem, version_json);
    will_return(__wrap_cJSON_GetObjectItem, urgency_json);
    will_return(__wrap_cJSON_GetObjectItem, reason_json);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-000");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "test");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 4);
    expect_string(__wrap_sqlite3_bind_text, buffer, "test_pkg");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 5);
    expect_string(__wrap_sqlite3_bind_text, buffer, operation);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 6);
    expect_string(__wrap_sqlite3_bind_text, buffer, "1:2.3-4");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_int, index, 7);
    expect_value(__wrap_sqlite3_bind_int, value, 0);
    will_return(__wrap_sqlite3_bind_int, 0);

    expect_value(__wrap_sqlite3_bind_int, index, 8);
    expect_value(__wrap_sqlite3_bind_int, value, ignore);
    will_return(__wrap_sqlite3_bind_int, 0);

    expect_sqlite3_step_call(SQLITE_DONE);

    expect_function_call(__wrap_cJSON_Delete);

    int ret = wm_vuldet_index_debian(db, target, update);

    assert_int_equal(ret, 0);
    os_free(update);

}

void test_wm_vuldet_index_debian_not_affected(void **state)
{
    char *version_null = "0:0";
    char *operation = "less than";
    int ignore = 1;

    sqlite3 *db = (sqlite3 *)1;
    char *target = "test";
    update_node *update;
    os_calloc(1, sizeof(update_node), update);
    update->timeout = 0;

    cJSON* content = (cJSON *)*state;
    cJSON* package_json = __real_cJSON_CreateObject();
    cJSON* cve_json = __real_cJSON_CreateObject();
    cJSON* releases_json = __real_cJSON_CreateObject();
    cJSON* target_json = __real_cJSON_CreateObject();
    cJSON* status_json = __real_cJSON_CreateObject();
    cJSON* version_json = __real_cJSON_CreateObject();
    cJSON* urgency_json = NULL;
    cJSON* reason_json = NULL;
    content->child = package_json;
    package_json->child = cve_json;
    cve_json->child = releases_json;
    content->next = NULL;
    package_json->next = NULL;
    cve_json->next = NULL;
    releases_json->next = target_json;
    target_json->next = status_json;
    status_json->next = version_json;
    os_strdup("test_pkg", package_json->string);
    os_strdup("CVE-000", cve_json->string);
    os_strdup("resolved", status_json->valuestring);
    os_strdup("0", version_json->valuestring);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5420): Indexing vulnerabilities from the Debian Security Tracker.");

    // opening file
    expect_string(__wrap_fopen, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // closing file
    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5436): Fetching Debian Security Tracker from 'tmp/vuln-temp-deb'");
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, OS_SUCCESS);

    // reading json
    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    expect_string(__wrap_json_fread, path, VU_DEB_TEMP_FILE);
    will_return(__wrap_json_fread, content);

    //while
    will_return(__wrap_cJSON_GetObjectItem, releases_json);
    will_return(__wrap_cJSON_GetObjectItem, target_json);
    will_return(__wrap_cJSON_GetObjectItem, status_json);
    will_return(__wrap_cJSON_GetObjectItem, version_json);
    will_return(__wrap_cJSON_GetObjectItem, urgency_json);
    will_return(__wrap_cJSON_GetObjectItem, reason_json);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-000");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "test");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 4);
    expect_string(__wrap_sqlite3_bind_text, buffer, "test_pkg");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 5);
    expect_string(__wrap_sqlite3_bind_text, buffer, operation);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 6);
    expect_string(__wrap_sqlite3_bind_text, buffer, version_null);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_int, index, 7);
    expect_value(__wrap_sqlite3_bind_int, value, 0);
    will_return(__wrap_sqlite3_bind_int, 0);

    expect_value(__wrap_sqlite3_bind_int, index, 8);
    expect_value(__wrap_sqlite3_bind_int, value, ignore);
    will_return(__wrap_sqlite3_bind_int, 0);

    expect_sqlite3_step_call(SQLITE_DONE);

    expect_function_call(__wrap_cJSON_Delete);

    int ret = wm_vuldet_index_debian(db, target, update);

    assert_int_equal(ret, 0);
    os_free(update);

}

void test_wm_vuldet_index_debian_urgency_end_of_life(void **state)
{
    char *version_null = "0:0";
    char *operation = "less than";
    int ignore = 1;

    sqlite3 *db = (sqlite3 *)1;
    char *target = "test";
    update_node *update;
    os_calloc(1, sizeof(update_node), update);
    update->timeout = 0;

    cJSON* content = (cJSON *)*state;
    cJSON* package_json = __real_cJSON_CreateObject();
    cJSON* cve_json = __real_cJSON_CreateObject();
    cJSON* releases_json = __real_cJSON_CreateObject();
    cJSON* target_json = __real_cJSON_CreateObject();
    cJSON* status_json = __real_cJSON_CreateObject();
    cJSON* version_json = NULL;
    cJSON* urgency_json = __real_cJSON_CreateObject();
    cJSON* reason_json = NULL;
    content->child = package_json;
    package_json->child = cve_json;
    cve_json->child = releases_json;
    content->next = NULL;
    package_json->next = NULL;
    cve_json->next = NULL;
    releases_json->next = target_json;
    target_json->next = status_json;
    status_json->next = urgency_json;
    os_strdup("test_pkg", package_json->string);
    os_strdup("CVE-000", cve_json->string);
    os_strdup("open", status_json->valuestring);
    os_strdup("end-of-life", urgency_json->valuestring);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5420): Indexing vulnerabilities from the Debian Security Tracker.");

    // opening file
    expect_string(__wrap_fopen, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // closing file
    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5436): Fetching Debian Security Tracker from 'tmp/vuln-temp-deb'");
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, OS_SUCCESS);

    // reading json
    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    expect_string(__wrap_json_fread, path, VU_DEB_TEMP_FILE);
    will_return(__wrap_json_fread, content);

    //while
    will_return(__wrap_cJSON_GetObjectItem, releases_json);
    will_return(__wrap_cJSON_GetObjectItem, target_json);
    will_return(__wrap_cJSON_GetObjectItem, status_json);
    will_return(__wrap_cJSON_GetObjectItem, version_json);
    will_return(__wrap_cJSON_GetObjectItem, urgency_json);
    will_return(__wrap_cJSON_GetObjectItem, reason_json);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-000");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "test");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 4);
    expect_string(__wrap_sqlite3_bind_text, buffer, "test_pkg");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 5);
    expect_string(__wrap_sqlite3_bind_text, buffer, operation);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 6);
    expect_string(__wrap_sqlite3_bind_text, buffer, version_null);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_int, index, 7);
    expect_value(__wrap_sqlite3_bind_int, value, 0);
    will_return(__wrap_sqlite3_bind_int, 0);

    expect_value(__wrap_sqlite3_bind_int, index, 8);
    expect_value(__wrap_sqlite3_bind_int, value, ignore);
    will_return(__wrap_sqlite3_bind_int, 0);

    expect_sqlite3_step_call(SQLITE_DONE);

    expect_function_call(__wrap_cJSON_Delete);

    int ret = wm_vuldet_index_debian(db, target, update);

    assert_int_equal(ret, 0);
    os_free(update);

}

void test_wm_vuldet_index_debian_reason_ignored(void **state)
{
    char *version_null = "0:0";
    char *operation = "less than";
    int ignore = 1;

    sqlite3 *db = (sqlite3 *)1;
    char *target = "test";
    update_node *update;
    os_calloc(1, sizeof(update_node), update);
    update->timeout = 0;

    cJSON* content = (cJSON *)*state;
    cJSON* package_json = __real_cJSON_CreateObject();
    cJSON* cve_json = __real_cJSON_CreateObject();
    cJSON* releases_json = __real_cJSON_CreateObject();
    cJSON* target_json = __real_cJSON_CreateObject();
    cJSON* status_json = __real_cJSON_CreateObject();
    cJSON* version_json = NULL;
    cJSON* urgency_json = NULL;
    cJSON* reason_json = __real_cJSON_CreateObject();
    content->child = package_json;
    package_json->child = cve_json;
    cve_json->child = releases_json;
    content->next = NULL;
    package_json->next = NULL;
    cve_json->next = NULL;
    releases_json->next = target_json;
    target_json->next = status_json;
    status_json->next = reason_json;
    os_strdup("test_pkg", package_json->string);
    os_strdup("CVE-000", cve_json->string);
    os_strdup("open", status_json->valuestring);
    os_strdup("ignored", reason_json->valuestring);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5420): Indexing vulnerabilities from the Debian Security Tracker.");

    // opening file
    expect_string(__wrap_fopen, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // closing file
    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5436): Fetching Debian Security Tracker from 'tmp/vuln-temp-deb'");
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, OS_SUCCESS);

    // reading json
    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    expect_string(__wrap_json_fread, path, VU_DEB_TEMP_FILE);
    will_return(__wrap_json_fread, content);

    //while
    will_return(__wrap_cJSON_GetObjectItem, releases_json);
    will_return(__wrap_cJSON_GetObjectItem, target_json);
    will_return(__wrap_cJSON_GetObjectItem, status_json);
    will_return(__wrap_cJSON_GetObjectItem, version_json);
    will_return(__wrap_cJSON_GetObjectItem, urgency_json);
    will_return(__wrap_cJSON_GetObjectItem, reason_json);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-000");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "test");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 4);
    expect_string(__wrap_sqlite3_bind_text, buffer, "test_pkg");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 5);
    expect_string(__wrap_sqlite3_bind_text, buffer, operation);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 6);
    expect_string(__wrap_sqlite3_bind_text, buffer, version_null);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_int, index, 7);
    expect_value(__wrap_sqlite3_bind_int, value, 0);
    will_return(__wrap_sqlite3_bind_int, 0);

    expect_value(__wrap_sqlite3_bind_int, index, 8);
    expect_value(__wrap_sqlite3_bind_int, value, ignore);
    will_return(__wrap_sqlite3_bind_int, 0);

    expect_sqlite3_step_call(SQLITE_DONE);

    expect_function_call(__wrap_cJSON_Delete);

    int ret = wm_vuldet_index_debian(db, target, update);

    assert_int_equal(ret, 0);
    os_free(update);

}

void test_wm_vuldet_index_debian_multiple_cves(void **state)
{
    char *version_null = "0:0";
    char *operation = "less than";
    int ignore = 0;
    int ignore2 = 1;

    sqlite3 *db = (sqlite3 *)1;
    char *target = "test";
    update_node *update;
    os_calloc(1, sizeof(update_node), update);
    update->timeout = 0;

    cJSON* content = (cJSON *)*state;
    cJSON* package_json = __real_cJSON_CreateObject();
    cJSON* cve_json = __real_cJSON_CreateObject();
    cJSON* releases_json = __real_cJSON_CreateObject();
    cJSON* target_json = __real_cJSON_CreateObject();
    cJSON* status_json = __real_cJSON_CreateObject();
    cJSON* version_json = __real_cJSON_CreateObject();
    cJSON* urgency_json = NULL;
    cJSON* reason_json = NULL;
    cJSON* cve_json2 = __real_cJSON_CreateObject();
    cJSON* releases_json2 = __real_cJSON_CreateObject();
    cJSON* target_json2 = __real_cJSON_CreateObject();
    cJSON* status_json2 = __real_cJSON_CreateObject();
    cJSON* version_json2 = NULL;
    cJSON* urgency_json2 = __real_cJSON_CreateObject();
    cJSON* reason_json2 = NULL;
    content->child = package_json;
    package_json->child = cve_json;
    cve_json->child = releases_json;
    cve_json2->child = releases_json2;
    content->next = NULL;
    package_json->next = NULL;
    cve_json->next = cve_json2;
    cve_json2->next = NULL;
    releases_json->next = target_json;
    releases_json2->next = target_json2;
    target_json->next = status_json;
    target_json2->next = status_json2;
    status_json->next = version_json;
    status_json2->next = urgency_json2;
    os_strdup("test_pkg", package_json->string);
    os_strdup("CVE-000", cve_json->string);
    os_strdup("resolved", status_json->valuestring);
    os_strdup("2:3.4.5-6", version_json->valuestring);
    os_strdup("CVE-001", cve_json2->string);
    os_strdup("open", status_json2->valuestring);
    os_strdup("end-of-life", urgency_json2->valuestring);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5420): Indexing vulnerabilities from the Debian Security Tracker.");

    // opening file
    expect_string(__wrap_fopen, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // closing file
    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5436): Fetching Debian Security Tracker from 'tmp/vuln-temp-deb'");
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, OS_SUCCESS);

    // reading json
    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    expect_string(__wrap_json_fread, path, VU_DEB_TEMP_FILE);
    will_return(__wrap_json_fread, content);

    //while

    will_return(__wrap_cJSON_GetObjectItem, releases_json);
    will_return(__wrap_cJSON_GetObjectItem, target_json);
    will_return(__wrap_cJSON_GetObjectItem, status_json);
    will_return(__wrap_cJSON_GetObjectItem, version_json);
    will_return(__wrap_cJSON_GetObjectItem, urgency_json);
    will_return(__wrap_cJSON_GetObjectItem, reason_json);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-000");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "test");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 4);
    expect_string(__wrap_sqlite3_bind_text, buffer, "test_pkg");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 5);
    expect_string(__wrap_sqlite3_bind_text, buffer, operation);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 6);
    expect_string(__wrap_sqlite3_bind_text, buffer, "2:3.4.5-6");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_int, index, 7);
    expect_value(__wrap_sqlite3_bind_int, value, 0);
    will_return(__wrap_sqlite3_bind_int, 0);

    expect_value(__wrap_sqlite3_bind_int, index, 8);
    expect_value(__wrap_sqlite3_bind_int, value, ignore);
    will_return(__wrap_sqlite3_bind_int, 0);

    expect_sqlite3_step_call(SQLITE_DONE);

    will_return(__wrap_cJSON_GetObjectItem, releases_json2);
    will_return(__wrap_cJSON_GetObjectItem, target_json2);
    will_return(__wrap_cJSON_GetObjectItem, status_json2);
    will_return(__wrap_cJSON_GetObjectItem, version_json2);
    will_return(__wrap_cJSON_GetObjectItem, urgency_json2);
    will_return(__wrap_cJSON_GetObjectItem, reason_json2);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-001");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "test");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 4);
    expect_string(__wrap_sqlite3_bind_text, buffer, "test_pkg");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 5);
    expect_string(__wrap_sqlite3_bind_text, buffer, operation);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 6);
    expect_string(__wrap_sqlite3_bind_text, buffer, version_null);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_int, index, 7);
    expect_value(__wrap_sqlite3_bind_int, value, 0);
    will_return(__wrap_sqlite3_bind_int, 0);

    expect_value(__wrap_sqlite3_bind_int, index, 8);
    expect_value(__wrap_sqlite3_bind_int, value, ignore2);
    will_return(__wrap_sqlite3_bind_int, 0);

    expect_sqlite3_step_call(SQLITE_DONE);

    expect_function_call(__wrap_cJSON_Delete);

    int ret = wm_vuldet_index_debian(db, target, update);

    assert_int_equal(ret, 0);
    os_free(update);

}

void test_wm_vuldet_index_debian_multiple_packages(void **state)
{
    char *version_null = "0:0";
    char *operation = "less than";
    int ignore = 0;
    int ignore2 = 1;

    sqlite3 *db = (sqlite3 *)1;
    char *target = "test";
    update_node *update;
    os_calloc(1, sizeof(update_node), update);
    update->timeout = 0;

    cJSON* content = (cJSON *)*state;
    cJSON* package_json = __real_cJSON_CreateObject();
    cJSON* cve_json = __real_cJSON_CreateObject();
    cJSON* releases_json = __real_cJSON_CreateObject();
    cJSON* target_json = __real_cJSON_CreateObject();
    cJSON* status_json = __real_cJSON_CreateObject();
    cJSON* version_json = NULL;
    cJSON* urgency_json = NULL;
    cJSON* reason_json = NULL;
    cJSON* package_json2 = __real_cJSON_CreateObject();
    cJSON* cve_json2 = __real_cJSON_CreateObject();
    cJSON* releases_json2 = __real_cJSON_CreateObject();
    cJSON* target_json2 = __real_cJSON_CreateObject();
    cJSON* status_json2 = __real_cJSON_CreateObject();
    cJSON* version_json2 = NULL;
    cJSON* urgency_json2 = NULL;
    cJSON* reason_json2 = __real_cJSON_CreateObject();
    content->child = package_json;
    package_json->child = cve_json;
    package_json2->child = cve_json2;
    cve_json->child = releases_json;
    cve_json2->child = releases_json2;
    content->next = NULL;
    package_json->next = package_json2;
    package_json2->next = NULL;
    cve_json->next = NULL;
    cve_json2->next = NULL;
    releases_json->next = target_json;
    releases_json2->next = target_json2;
    target_json->next = status_json;
    target_json2->next = status_json2;
    status_json2->next = reason_json2;
    os_strdup("test_pkg", package_json->string);
    os_strdup("CVE-000", cve_json->string);
    os_strdup("open", status_json->valuestring);
    os_strdup("test_pkg2", package_json2->string);
    os_strdup("CVE-001", cve_json2->string);
    os_strdup("open", status_json2->valuestring);
    os_strdup("ignored", reason_json2->valuestring);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5420): Indexing vulnerabilities from the Debian Security Tracker.");

    // opening file
    expect_string(__wrap_fopen, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // closing file
    expect_string(__wrap__mtdebug2, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug2, formatted_msg, "(5436): Fetching Debian Security Tracker from 'tmp/vuln-temp-deb'");
    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, OS_SUCCESS);

    // reading json
    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    expect_string(__wrap_json_fread, path, VU_DEB_TEMP_FILE);
    will_return(__wrap_json_fread, content);

    //while

    will_return(__wrap_cJSON_GetObjectItem, releases_json);
    will_return(__wrap_cJSON_GetObjectItem, target_json);
    will_return(__wrap_cJSON_GetObjectItem, status_json);
    will_return(__wrap_cJSON_GetObjectItem, version_json);
    will_return(__wrap_cJSON_GetObjectItem, urgency_json);
    will_return(__wrap_cJSON_GetObjectItem, reason_json);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-000");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "test");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 4);
    expect_string(__wrap_sqlite3_bind_text, buffer, "test_pkg");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 5);
    expect_string(__wrap_sqlite3_bind_text, buffer, operation);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 6);
    expect_string(__wrap_sqlite3_bind_text, buffer, version_null);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_int, index, 7);
    expect_value(__wrap_sqlite3_bind_int, value, 0);
    will_return(__wrap_sqlite3_bind_int, 0);

    expect_value(__wrap_sqlite3_bind_int, index, 8);
    expect_value(__wrap_sqlite3_bind_int, value, ignore);
    will_return(__wrap_sqlite3_bind_int, 0);

    expect_sqlite3_step_call(SQLITE_DONE);

    will_return(__wrap_cJSON_GetObjectItem, releases_json2);
    will_return(__wrap_cJSON_GetObjectItem, target_json2);
    will_return(__wrap_cJSON_GetObjectItem, status_json2);
    will_return(__wrap_cJSON_GetObjectItem, version_json2);
    will_return(__wrap_cJSON_GetObjectItem, urgency_json2);
    will_return(__wrap_cJSON_GetObjectItem, reason_json2);

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-001");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "test");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 4);
    expect_string(__wrap_sqlite3_bind_text, buffer, "test_pkg2");
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 5);
    expect_string(__wrap_sqlite3_bind_text, buffer, operation);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_text, pos, 6);
    expect_string(__wrap_sqlite3_bind_text, buffer, version_null);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_value(__wrap_sqlite3_bind_int, index, 7);
    expect_value(__wrap_sqlite3_bind_int, value, 0);
    will_return(__wrap_sqlite3_bind_int, 0);

    expect_value(__wrap_sqlite3_bind_int, index, 8);
    expect_value(__wrap_sqlite3_bind_int, value, ignore2);
    will_return(__wrap_sqlite3_bind_int, 0);

    expect_sqlite3_step_call(SQLITE_DONE);

    expect_function_call(__wrap_cJSON_Delete);

    int ret = wm_vuldet_index_debian(db, target, update);

    assert_int_equal(ret, 0);
    os_free(update);

}

//Tests wm_vuldet_index_json
void test_wm_vuldet_index_json_no_multipath_parser_invalid(void **state)
{
    char *path = VU_DEB_TEMP_FILE;
    char multi_path = 0;

    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_CPEW;
    update->dist_ext = "Test CPEW";

    if(!update)
        return;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    //test_wm_vuldet_json_parser_json_wcpe_parser
    cJSON* content = (cJSON *)1;

    // reading json
    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_FIT_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    expect_string(__wrap_json_fread, path, VU_DEB_TEMP_FILE);
    will_return(__wrap_json_fread, content);

    will_return(__wrap_cJSON_GetObjectItem, NULL);

    expect_function_call(__wrap_cJSON_Delete);

    int ret = wm_vuldet_index_json(parsed_vulnerabilities, update, path, multi_path);

    assert_int_equal(ret, -1);

    os_free(update);
    os_free(parsed_vulnerabilities);

}

void test_wm_vuldet_index_json_no_multipath_vu_not_need_update(void **state)
{
    char *path = VU_DEB_TEMP_FILE;
    char multi_path = 0;

    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_NVD;
    update->dist_ext = "Test NVD";

    if(!update)
        return;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    //wm_vuldet_json_parser
    char *content = NULL;
    os_strdup("test", content);

    expect_string(__wrap_w_uncompress_bz2_gz_file, path, VU_DEB_TEMP_FILE);
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_FIT_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    will_return(__wrap_w_get_file_content, content);

    will_return(__wrap_wm_vuldet_json_nvd_parser, VU_NOT_NEED_UPDATE);

    int ret = wm_vuldet_index_json(parsed_vulnerabilities, update, path, multi_path);

    assert_int_equal(ret, VU_NOT_NEED_UPDATE);

    os_free(update);
    os_free(parsed_vulnerabilities);

}

void test_wm_vuldet_index_json_multipath_error(void **state)
{
    char *path = VU_DEB_TEMP_FILE;
    char multi_path = 1;

    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_MSU;
    update->dist_ext = "Test MSU";

    if(!update)
        return;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5551): Invalid multi_path 'tmp/vuln-temp-deb': 'relative path'");

    int ret = wm_vuldet_index_json(parsed_vulnerabilities, update, path, multi_path);

    assert_int_equal(ret, -1);

    os_free(update);
    os_free(parsed_vulnerabilities);

}

void test_wm_vuldet_index_json_multipath_opendir_fail(void **state)
{
    char *path = "/test/test2";
    char multi_path = 1;

    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_MSU;
    update->dist_ext = "Test MSU";

    if(!update)
        return;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    will_return(__wrap_opendir, 0);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5551): Invalid multi_path '/test': 'Error opening path'");

    char* strerr = NULL;
    os_strdup("Error opening path", strerr);
    will_return(__wrap_strerror, strerr);

    int ret = wm_vuldet_index_json(parsed_vulnerabilities, update, path, multi_path);

    assert_int_equal(ret, -1);

    os_free(update);
    os_free(parsed_vulnerabilities);
    os_free(strerr);

}

void test_wm_vuldet_index_json_multipath_regcomp_fail(void **state)
{
    char *path = "/test/^!4r****t'2,";
    char multi_path = 1;

    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_MSU;
    update->dist_ext = "Test MSU";

    if(!update)
        return;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    will_return(__wrap_opendir, 1);

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5552): Cannot compile '^!4r****t'2,' regular expression.");

    int ret = wm_vuldet_index_json(parsed_vulnerabilities, update, path, multi_path);

    assert_int_equal(ret, -1);

    os_free(update);
    os_free(parsed_vulnerabilities);

}

void test_wm_vuldet_index_json_multipath_readdir_NULL(void **state)
{
    char *path = "/test/test2";
    char multi_path = 1;

    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_MSU;
    update->dist_ext = "Test MSU";

    if(!update)
        return;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    will_return(__wrap_opendir, 1);

    will_return(__wrap_readdir, NULL);

    int ret = wm_vuldet_index_json(parsed_vulnerabilities, update, path, multi_path);

    assert_int_equal(ret, 0);

    os_free(update);
    os_free(parsed_vulnerabilities);

}

void test_wm_vuldet_index_json_multipath_path_not_file(void **state)
{
    char *path = "/test/test2";
    char multi_path = 1;

    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_MSU;
    update->dist_ext = "Test MSU";

    if(!update)
        return;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    struct dirent *entry;
    os_calloc(1, sizeof(struct dirent), entry);
    strcpy(entry->d_name, "test");

    will_return(__wrap_opendir, 1);

    will_return(__wrap_readdir, entry);

    expect_string(__wrap_w_is_file, file, "/test/test");
    will_return(__wrap_w_is_file, 0);

    will_return(__wrap_readdir, NULL);

    int ret = wm_vuldet_index_json(parsed_vulnerabilities, update, path, multi_path);

    assert_int_equal(ret, 0);

    os_free(update);
    os_free(parsed_vulnerabilities);
    os_free(entry);

}

void test_wm_vuldet_index_json_multipath_no_regexec(void **state)
{
    char *path = "/test/test2";
    char multi_path = 1;

    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_MSU;
    update->dist_ext = "Test MSU";

    if(!update)
        return;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    struct dirent *entry;
    os_calloc(1, sizeof(struct dirent), entry);
    strcpy(entry->d_name, "test");

    will_return(__wrap_opendir, 1);

    will_return(__wrap_readdir, entry);

    expect_string(__wrap_w_is_file, file, "/test/test");
    will_return(__wrap_w_is_file, 1);

    will_return(__wrap_readdir, NULL);

    int ret = wm_vuldet_index_json(parsed_vulnerabilities, update, path, multi_path);

    assert_int_equal(ret, 0);

    os_free(update);
    os_free(parsed_vulnerabilities);
    os_free(entry);

}

void test_wm_vuldet_index_json_multipath_update_json_feed(void **state)
{
    char *path = "/test/*test";
    char multi_path = 1;

    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_CPEW;
    update->dist_ext = "Test CPEW";

    if(!update)
        return;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    struct dirent *entry;
    os_calloc(1, sizeof(struct dirent), entry);
    strcpy(entry->d_name, "*test");

    will_return(__wrap_opendir, 1);

    will_return(__wrap_readdir, entry);

    expect_string(__wrap_w_is_file, file, "/test/*test");
    will_return(__wrap_w_is_file, 1);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5408): Updating from '/test/*test'");

    //test_wm_vuldet_json_parser_json_wcpe_parser
    cJSON* content = (cJSON *)1;

    // reading json
    expect_string(__wrap_w_uncompress_bz2_gz_file, path, "/test/*test");
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_FIT_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    expect_string(__wrap_w_uncompress_bz2_gz_file, path, "/test/*test");
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    expect_string(__wrap_json_fread, path, "/test/*test");
    will_return(__wrap_json_fread, content);

    will_return(__wrap_cJSON_GetObjectItem, NULL);

    expect_function_call(__wrap_cJSON_Delete);

    int ret = wm_vuldet_index_json(parsed_vulnerabilities, update, path, multi_path);

    assert_int_equal(ret, -1);

    os_free(update);
    os_free(parsed_vulnerabilities);
    os_free(entry);

}

void test_wm_vuldet_index_json_multipath_OK(void **state)
{
    char *path = "/test/*test";
    char multi_path = 1;

    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_MSU;
    update->dist_ext = "Test MSU";

    if(!update)
        return;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    struct dirent *entry;
    os_calloc(1, sizeof(struct dirent), entry);
    strcpy(entry->d_name, "*test");

    will_return(__wrap_opendir, 1);

    will_return(__wrap_readdir, entry);

    expect_string(__wrap_w_is_file, file, "/test/*test");
    will_return(__wrap_w_is_file, 1);

    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5408): Updating from '/test/*test'");

    //test_wm_vuldet_json_fread_not_compressed_ok
    cJSON* content = (cJSON *)1;

    // reading json
    expect_string(__wrap_w_uncompress_bz2_gz_file, path, "/test/*test");
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_FIT_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    expect_string(__wrap_w_uncompress_bz2_gz_file, path, "/test/*test");
    expect_string(__wrap_w_uncompress_bz2_gz_file, dest, VU_TEMP_FILE);
    will_return(__wrap_w_uncompress_bz2_gz_file, 1);

    expect_string(__wrap_json_fread, path, "/test/*test");
    will_return(__wrap_json_fread, content);

    will_return(__wrap_cJSON_GetObjectItem, NULL);

    will_return(__wrap_cJSON_GetObjectItem, NULL);

    expect_function_call(__wrap_cJSON_Delete);

    will_return(__wrap_readdir, NULL);

    int ret = wm_vuldet_index_json(parsed_vulnerabilities, update, path, multi_path);

    assert_int_equal(ret, 0);

    os_free(update);
    os_free(parsed_vulnerabilities);
    os_free(entry);

}

void test_wm_vuldet_index_json_multipath_path_with_dots(void **state)
{
    char *path = "/test/test2";
    char multi_path = 1;

    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_MSU;
    update->dist_ext = "Test MSU";

    if(!update)
        return;

    wm_vuldet_db *parsed_vulnerabilities = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), parsed_vulnerabilities);

    if(!parsed_vulnerabilities) {
        return;
    }

    struct dirent *entry;
    os_calloc(1, sizeof(struct dirent), entry);
    strcpy(entry->d_name, "..");

    will_return(__wrap_opendir, 1);

    will_return(__wrap_readdir, entry);

    struct dirent *new_entry;
    os_calloc(1, sizeof(struct dirent), new_entry);
    strcpy(new_entry->d_name, "test2");

    will_return(__wrap_readdir, new_entry);

    expect_string(__wrap_w_is_file, file, "/test/test2");
    will_return(__wrap_w_is_file, 0);

    will_return(__wrap_readdir, NULL);

    int ret = wm_vuldet_index_json(parsed_vulnerabilities, update, path, multi_path);

    assert_int_equal(ret, 0);

    os_free(update);
    os_free(parsed_vulnerabilities);
    os_free(entry);
    os_free(new_entry);

}

// Tests wm_vuldet_get_cve_year

void test_wm_vuldet_get_cve_year(void **state)
{
    int year = wm_vuldet_get_cve_year("CVE-2010-1234");

    assert_int_equal(2010, year);
}

// Tests wm_vuldet_set_feed_update_url

void test_wm_vuldet_set_feed_update_url_discard_non_harcoded(void **state)
{
    bool ret;
    int ind_dist;
    int dist_ref[] = {FEED_JREDHAT, FEED_NVD, FEED_CPED, FEED_CPEW, FEED_MSU};

    update_node *update = NULL;
    os_calloc(1, sizeof(update_node), update);

    update->url = "test_url";
    ret = wm_vuldet_set_feed_update_url(update);
    assert_true(ret);
    update->url = NULL;

    for (ind_dist = 0; ind_dist < sizeof(dist_ref)/sizeof(int); ind_dist++) {
        update->dist_ref = dist_ref[ind_dist];
        ret = wm_vuldet_set_feed_update_url(update);
        assert_true(ret);
    }

    os_free(update);
}

void test_wm_vuldet_set_feed_update_url_ubuntu(void **state)
{
    bool ret;
    update_node *update = NULL;

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_UBUNTU;
    update->version = "bionic";

    ret = wm_vuldet_set_feed_update_url(update);
    assert_true(ret);
    assert_string_equal(update->url, "https://people.canonical.com/~ubuntu-security/oval/com.ubuntu.bionic.cve.oval.xml.bz2");

    os_free(update->url);
    os_free(update);
}

void test_wm_vuldet_set_feed_update_url_debian(void **state)
{
    bool ret;
    update_node *update = NULL;

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_DEBIAN;
    update->version = "buster";

    ret = wm_vuldet_set_feed_update_url(update);
    assert_true(ret);
    assert_string_equal(update->url, "https://www.debian.org/security/oval/oval-definitions-buster.xml");

    os_free(update->url);
    os_free(update);
}

void test_wm_vuldet_set_feed_update_url_redhat_5(void **state)
{
    bool ret;
    update_node *update = NULL;

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_REDHAT;
    update->dist_tag_ref = FEED_RHEL5;

    ret = wm_vuldet_set_feed_update_url(update);
    assert_true(ret);
    assert_string_equal(update->url, "https://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL5.xml.bz2");

    os_free(update->url);
    os_free(update);
}

void test_wm_vuldet_set_feed_update_url_redhat_greater_5(void **state)
{
    bool ret;
    int ind_dist;
    int dist_tag_ref[] = {FEED_RHEL6, FEED_RHEL7, FEED_RHEL8};
    update_node *update = NULL;
    char *url = NULL;
    char version[2];

    os_calloc(1, sizeof(update_node), update);
    os_calloc(1, OS_SIZE_2048 + 1, url);
    update->dist_ref = FEED_REDHAT;

    for (ind_dist = 6; ind_dist < sizeof(dist_tag_ref)/sizeof(int); ind_dist++) {
        update->dist_tag_ref = dist_tag_ref[ind_dist-6];
        snprintf(version, 2, "%d", ind_dist);
        update->version = version;

        ret = wm_vuldet_set_feed_update_url(update);
        assert_true(ret);
        snprintf(url, OS_SIZE_2048, RED_HAT_REPO, version, version);
        assert_string_equal(update->url, url);
        os_free(update->url);
    }

    os_free(url);
    os_free(update);
}

void test_wm_vuldet_set_feed_update_url_invalid(void **state)
{
    bool ret;
    update_node *update = NULL;

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = 100;

    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5505): Invalid OS version.");

    ret = wm_vuldet_set_feed_update_url(update);
    assert_false(ret);

    os_free(update);
}

// Tests wm_vuldet_oval_append_rhsa

void test_wm_vuldet_oval_append_rhsa_empty(void **state)
{
    int ret;
    vulnerability *vul_it = NULL;
    char * CVE = "CVE-1234-1234";

    os_calloc(1, sizeof(vulnerability), vul_it);
    wm_vuldet_oval_append_rhsa(vul_it, CVE);
    assert_string_equal(vul_it->rhsa_list[0], CVE);

    free_strarray(vul_it->rhsa_list);
    os_free(vul_it);
}

void test_wm_vuldet_oval_append_rhsa_realloc(void **state)
{
    int ret;
    int ind_cve;
    vulnerability *vul_it = NULL;
    char * CVE = NULL;

    os_calloc(1, sizeof(vulnerability), vul_it);
    os_calloc(1, OS_SIZE_2048 + 1, CVE);
    for (ind_cve = 0; ind_cve < 7; ind_cve++) {
        snprintf(CVE, OS_SIZE_2048, "CVE-1234-123%d", ind_cve);
        wm_vuldet_oval_append_rhsa(vul_it, CVE);
        assert_string_equal(vul_it->rhsa_list[ind_cve], CVE);
    }

    free_strarray(vul_it->rhsa_list);
    os_free(vul_it);
    os_free(CVE);
}

// Tests wm_vuldet_oval_copy_rhsa

void test_wm_vuldet_oval_copy_rhsa(void **state)
{
    int ret;
    int ind_cve;
    vulnerability *vul_it_src = NULL;
    vulnerability *vul_it_dst = NULL;
    char * CVE = NULL;

    os_calloc(1, sizeof(vulnerability), vul_it_src);
    os_calloc(1, sizeof(vulnerability), vul_it_dst);
    os_calloc(1, OS_SIZE_2048 + 1, CVE);

    for (ind_cve = 0; ind_cve < 5; ind_cve++) {
        snprintf(CVE, OS_SIZE_2048, "CVE-1234-123%d", ind_cve);
        wm_vuldet_oval_append_rhsa(vul_it_src, CVE);
    }

    wm_vuldet_oval_copy_rhsa(vul_it_src, vul_it_dst);

    for (ind_cve = 0; ind_cve < 5; ind_cve++) {
        snprintf(CVE, OS_SIZE_2048, "CVE-1234-123%d", ind_cve);
        assert_string_equal(vul_it_dst->rhsa_list[ind_cve], CVE);
    }

    free_strarray(vul_it_src->rhsa_list);
    free_strarray(vul_it_dst->rhsa_list);
    os_free(vul_it_src);
    os_free(vul_it_dst);
    os_free(CVE);
}

// Tests wm_vuldet_oval_traverse_rhsa

void test_wm_vuldet_oval_traverse_rhsa_one(void **state)
{
    int ret;
    int ind_cve;
    vulnerability *vul_it = NULL;

    os_calloc(1, sizeof(vulnerability), vul_it);
    vul_it->state_id = "state_id";

    wm_vuldet_oval_append_rhsa(vul_it, "CVE-1234-1234");
    wm_vuldet_oval_traverse_rhsa(vul_it);

    assert_null(vul_it->rhsa_list);
    assert_non_null(vul_it->prev);
    assert_non_null(vul_it->prev->cve_id);
    assert_non_null(vul_it->prev->state_id);

    os_free(vul_it->prev->cve_id);
    os_free(vul_it->prev->state_id);
    os_free(vul_it->prev);
    os_free(vul_it);
}

void test_wm_vuldet_oval_traverse_rhsa_two(void **state)
{
    int ret;
    int ind_cve;
    vulnerability *vul_it = NULL;
    char * CVE = NULL;

    os_calloc(1, sizeof(vulnerability), vul_it);
    os_calloc(1, OS_SIZE_2048 + 1, CVE);
    vul_it->state_id = "state_id";

    for (ind_cve = 0; ind_cve < 2; ind_cve++) {
        snprintf(CVE, OS_SIZE_2048, "CVE-1234-123%d", ind_cve);
        wm_vuldet_oval_append_rhsa(vul_it, CVE);
    }

    wm_vuldet_oval_traverse_rhsa(vul_it);

    assert_null(vul_it->prev->rhsa_list);
    assert_non_null(vul_it->prev->prev);
    assert_non_null(vul_it->prev->prev->cve_id);
    assert_non_null(vul_it->prev->prev->state_id);
    assert_null(vul_it->rhsa_list);
    assert_non_null(vul_it->prev);
    assert_non_null(vul_it->prev->cve_id);
    assert_non_null(vul_it->prev->state_id);

    os_free(vul_it->prev->prev->cve_id);
    os_free(vul_it->prev->prev->state_id);
    os_free(vul_it->prev->prev);
    os_free(vul_it->prev->cve_id);
    os_free(vul_it->prev->state_id);
    os_free(vul_it->prev);
    os_free(vul_it);
    os_free(CVE);
}

// Tests wm_vuldet_add_oval_vulnerability

void test_wm_vuldet_add_oval_vulnerability_no_vulnerability(void **state)
{
    wm_vuldet_db *ctrl_block = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), ctrl_block);

    wm_vuldet_add_oval_vulnerability(ctrl_block);
    assert_non_null(ctrl_block->vulnerabilities);
    assert_null(ctrl_block->vulnerabilities->prev);

    os_free(ctrl_block->vulnerabilities);
    os_free(ctrl_block);
}

void test_wm_vuldet_add_oval_vulnerability_with_vulnerability(void **state)
{
    wm_vuldet_db *ctrl_block = NULL;
    vulnerability *vul_it = NULL;

    os_calloc(1, sizeof(wm_vuldet_db), ctrl_block);
    os_calloc(1, sizeof(vulnerability), vul_it);
    ctrl_block->vulnerabilities = vul_it;

    wm_vuldet_add_oval_vulnerability(ctrl_block);
    assert_non_null(ctrl_block->vulnerabilities);
    assert_non_null(ctrl_block->vulnerabilities->prev);

    os_free(ctrl_block->vulnerabilities->prev);
    os_free(ctrl_block->vulnerabilities);
    os_free(ctrl_block);
}

// Tests wm_vuldet_clean_vulnerability_info

void test_wm_vuldet_clean_vulnerability_info_no_info_cves(void **state)
{
    wm_vuldet_db *ctrl_block = NULL;
    os_calloc(1, sizeof(wm_vuldet_db), ctrl_block);

    assert_null(ctrl_block->info_cves);
    wm_vuldet_clean_vulnerability_info(ctrl_block);

    os_free(ctrl_block);
}

void test_wm_vuldet_clean_vulnerability_info_one_info_cves(void **state)
{
    wm_vuldet_db *ctrl_block = NULL;
    info_cve *info_cves = *state;

    os_calloc(1, sizeof(wm_vuldet_db), ctrl_block);
    ctrl_block->info_cves = info_cves;
    wm_vuldet_clean_vulnerability_info(ctrl_block);

    os_free(ctrl_block);
}

void test_wm_vuldet_insert_cve_info(void **state)
{
    info_cve *info_cves = *state;
    sqlite3 *db = (sqlite3 *)1;
    wm_vuldet_db *parsed_oval = NULL;
    sqlite3_stmt *stmt = NULL;
    int result = OS_INVALID;

    os_calloc(1, sizeof(wm_vuldet_db), parsed_oval);
    parsed_oval->info_cves = info_cves;
    parsed_oval->OS = "RHEL7";

    // CVE info

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    will_return_always(__wrap_sqlite3_bind_text, 0);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-1234-1234");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "title");
    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    expect_string(__wrap_sqlite3_bind_text, buffer, "severity");
    expect_value(__wrap_sqlite3_bind_text, pos, 4);
    expect_string(__wrap_sqlite3_bind_text, buffer, "published");
    expect_value(__wrap_sqlite3_bind_text, pos, 5);
    expect_string(__wrap_sqlite3_bind_text, buffer, "updated");
    expect_value(__wrap_sqlite3_bind_text, pos, 6);
    expect_string(__wrap_sqlite3_bind_text, buffer, "RHEL7");
    expect_value(__wrap_sqlite3_bind_text, pos, 7);
    expect_string(__wrap_sqlite3_bind_text, buffer, "description");
    expect_value(__wrap_sqlite3_bind_text, pos, 8);
    expect_string(__wrap_sqlite3_bind_text, buffer, "cvss");
    expect_value(__wrap_sqlite3_bind_text, pos, 9);
    expect_string(__wrap_sqlite3_bind_text, buffer, "cvss_vector");
    expect_value(__wrap_sqlite3_bind_text, pos, 10);
    expect_string(__wrap_sqlite3_bind_text, buffer, "cvss3");
    expect_value(__wrap_sqlite3_bind_text, pos, 11);
    expect_string(__wrap_sqlite3_bind_text, buffer, "cvss3_vector");
    expect_value(__wrap_sqlite3_bind_text, pos, 12);
    expect_string(__wrap_sqlite3_bind_text, buffer, "cwe");
    expect_sqlite3_step_call(SQLITE_DONE);

    // CVE references

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-1234-1234");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "RHEL7");
    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    expect_string(__wrap_sqlite3_bind_text, buffer, "refs value");
    expect_sqlite3_step_call(SQLITE_DONE);

    // CVE bugzilla references

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-1234-1234");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "RHEL7");
    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    expect_string(__wrap_sqlite3_bind_text, buffer, "bugzilla value");
    expect_sqlite3_step_call(SQLITE_DONE);

    // CVE advisories

    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, "CVE-1234-1234");
    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, "RHEL7");
    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    expect_string(__wrap_sqlite3_bind_text, buffer, "advisories value");
    expect_sqlite3_step_call(SQLITE_DONE);

    result = wm_vuldet_insert_cve_info(parsed_oval, db, stmt);
    assert_int_equal(result, 0);
    os_free(parsed_oval);
}

// Tests wm_vuldet_set_subversion

void test_wm_vuldet_set_subversion(void **state)
{
    char *version = NULL;
    char *os_minor = NULL;

    os_strdup("1:4.0.el7_8", version);
    wm_vuldet_set_subversion(version, &os_minor);

    assert_string_equal(os_minor, "8");
    os_free(version);
    os_free(os_minor);
}

void test_wm_vuldet_set_subversion_corrupted_version(void **state)
{
    char *version = NULL;
    char *os_minor = NULL;

    os_strdup("1:4.0.el7_", version);
    wm_vuldet_set_subversion(version, &os_minor);

    assert_null(os_minor);
    os_free(version);
}

void test_wm_vuldet_set_subversion_no_minor(void **state)
{
    char *version = NULL;
    char *os_minor = NULL;

    os_strdup("1:4.0.el7", version);
    wm_vuldet_set_subversion(version, &os_minor);

    assert_null(os_minor);
    os_free(version);
}

// Tests wm_vuldet_get_package_os

void test_wm_vuldet_get_package_os_rhel5(void **state)
{
    char *version = NULL;
    const char *os_major = NULL;
    char *os_minor = NULL;

    os_strdup("4.0.el5_3", version);
    wm_vuldet_get_package_os(version, &os_major, &os_minor);

    assert_string_equal(os_major, "RHEL5");
    assert_string_equal(os_minor, "3");
    os_free(version);
    os_free(os_minor);
}

void test_wm_vuldet_get_package_os_rhel6(void **state)
{
    char *version = NULL;
    const char *os_major = NULL;
    char *os_minor = NULL;

    os_strdup("4.0.el6", version);
    wm_vuldet_get_package_os(version, &os_major, &os_minor);

    assert_string_equal(os_major, "RHEL6");
    assert_null(os_minor);
    os_free(version);
}

void test_wm_vuldet_get_package_os_rhel7(void **state)
{
    char *version = NULL;
    const char *os_major = NULL;
    char *os_minor = NULL;

    os_strdup("4.0.el7_8", version);
    wm_vuldet_get_package_os(version, &os_major, &os_minor);

    assert_string_equal(os_major, "RHEL7");
    assert_string_equal(os_minor, "8");
    os_free(version);
    os_free(os_minor);
}

void test_wm_vuldet_get_package_os_rhel8(void **state)
{
    char *version = NULL;
    const char *os_major = NULL;
    char *os_minor = NULL;

    os_strdup("4.0.el8_10", version);
    wm_vuldet_get_package_os(version, &os_major, &os_minor);

    assert_string_equal(os_major, "RHEL8");
    assert_string_equal(os_minor, "10");
    os_free(version);
    os_free(os_minor);
}

// Tests wm_vuldet_get_hash

void test_wm_vuldet_get_hash_open_fail(void **state)
{
    expect_string(__wrap_sqlite3_open_v2, filename, "queue/vulnerabilities/cve.db");
    expect_value(__wrap_sqlite3_open_v2, flags, 2);
    will_return(__wrap_sqlite3_open_v2, (sqlite3*) 1);
    will_return(__wrap_sqlite3_open_v2, SQLITE_ERROR);

    will_return(__wrap_sqlite3_errmsg, "error");
    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");
    will_return(__wrap_sqlite3_close_v2, 1);

    char *str = wm_vuldet_get_hash("MSU");
    assert_null(str);
}

void test_wm_vuldet_get_hash_prepare_fail(void **state)
{
    expect_string(__wrap_sqlite3_open_v2, filename, "queue/vulnerabilities/cve.db");
    expect_value(__wrap_sqlite3_open_v2, flags, 2);
    will_return(__wrap_sqlite3_open_v2, (sqlite3*) 1);
    will_return(__wrap_sqlite3_open_v2, SQLITE_OK);
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);

    will_return(__wrap_sqlite3_errmsg, "error");
    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");
    will_return(__wrap_sqlite3_close_v2, 1);

    char *str = wm_vuldet_get_hash("MSU");
    assert_null(str);
}

void test_wm_vuldet_get_hash_one_row(void **state)
{
    expect_string(__wrap_sqlite3_open_v2, filename, "queue/vulnerabilities/cve.db");
    expect_value(__wrap_sqlite3_open_v2, flags, 2);
    will_return(__wrap_sqlite3_open_v2, (sqlite3*) 1);
    will_return(__wrap_sqlite3_open_v2, SQLITE_OK);
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    char *hash = "hashvalue1234567";
    char *target = "MSU";

    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, target);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, hash);

    will_return(__wrap_sqlite3_close_v2, 1);

    char *str = wm_vuldet_get_hash(target);
    assert_string_equal(hash, str);

    os_free(str);
}

void test_wm_vuldet_get_hash_no_row(void **state)
{
    expect_string(__wrap_sqlite3_open_v2, filename, "queue/vulnerabilities/cve.db");
    expect_value(__wrap_sqlite3_open_v2, flags, 2);
    will_return(__wrap_sqlite3_open_v2, (sqlite3*) 1);
    will_return(__wrap_sqlite3_open_v2, SQLITE_OK);
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    char *hash = "hashvalue1234567";
    char *target = "MSU";

    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, target);
    will_return(__wrap_sqlite3_bind_text, 0);

    expect_sqlite3_step_call(SQLITE_DONE);

    will_return(__wrap_sqlite3_close_v2, 1);

    char *str = wm_vuldet_get_hash(target);
    assert_null(str);
}

// Tests wm_vuldet_parse_MSU_metadata

void test_wm_vuldet_parse_MSU_metadata_open_fail(void **state)
{
    char *path = "/usr/bin/ls";
    expect_string(__wrap_fopen, path, path);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, NULL);

    feed_metadata *ret = wm_vuldet_parse_MSU_metadata(path);
    assert_null(ret);
}

void test_wm_vuldet_parse_MSU_metadata_full(void **state)
{
    char *path = "/usr/bin/ls";
    expect_string(__wrap_fopen, path, path);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // parse elements
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "lastModifiedDate:12/13/13");

    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "testfake:fakeee");

    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "sha256:abcdef");

    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "size:1012919291");

    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "gzSize:1012919291");

    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "version:1012919291");

    // end loop
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, NULL);

    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, OS_SUCCESS);

    feed_metadata *ret = wm_vuldet_parse_MSU_metadata(path);
    assert_string_equal(ret->last_mod, "12/13/13");
    assert_string_equal(ret->sha256, "abcdef");

    os_free(ret->sha256);
    os_free(ret->last_mod);
    os_free(ret->version);
    os_free(ret->size);
    os_free(ret->g_size);
    os_free(ret);
}

// Tests wm_vuldet_check_enabled_msu

void test_wm_vuldet_check_enabled_msu_prepare_fail(void **state)
{
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);

    will_return(__wrap_sqlite3_errmsg, "error");
    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");

    bool ret = wm_vuldet_check_enabled_msu((sqlite3*) 1);
    assert_int_equal(ret, false);
}

void test_wm_vuldet_check_enabled_msu_no_rows(void **state)
{
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_sqlite3_step_call(SQLITE_ERROR);

    will_return(__wrap_sqlite3_errmsg, "error");
    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");

    bool ret = wm_vuldet_check_enabled_msu((sqlite3*) 1);
    assert_int_equal(ret, false);
}

void test_wm_vuldet_check_enabled_msu_one_row(void **state)
{
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);
    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_int, iCol, 0);
    will_return(__wrap_sqlite3_column_int, 1);

    bool ret = wm_vuldet_check_enabled_msu((sqlite3*) 1);
    assert_int_equal(ret, true);

}

void test_wm_insert_MSU_metadata_open_fail(void **state)
{
    expect_string(__wrap_sqlite3_open_v2, filename, "queue/vulnerabilities/cve.db");
    expect_value(__wrap_sqlite3_open_v2, flags, 2);
    will_return(__wrap_sqlite3_open_v2, (sqlite3*) 1);
    will_return(__wrap_sqlite3_open_v2, SQLITE_ERROR);

    will_return(__wrap_sqlite3_errmsg, "error");
    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");
    will_return(__wrap_sqlite3_close_v2, 1);

    int ret = wm_insert_MSU_metadata(NULL, NULL);
    assert_int_equal(ret, OS_INVALID);
}

void test_wm_insert_MSU_metadata_prepare_fail(void **state)
{
    expect_string(__wrap_sqlite3_open_v2, filename, "queue/vulnerabilities/cve.db");
    expect_value(__wrap_sqlite3_open_v2, flags, 2);
    will_return(__wrap_sqlite3_open_v2, (sqlite3*) 1);
    will_return(__wrap_sqlite3_open_v2, SQLITE_OK);
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_ERROR);

    will_return(__wrap_sqlite3_errmsg, "error");
    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");
    will_return(__wrap_sqlite3_close_v2, 1);

    int ret = wm_insert_MSU_metadata(NULL, NULL);
    assert_int_equal(ret, OS_INVALID);
}

void test_wm_insert_MSU_metadata_one_row(void **state)
{
    feed_metadata *msu = NULL;
    update_node *update = NULL;

    os_calloc(1, sizeof(update_node), update);
    update->dist_tag_ref = FEED_MSU;

    os_calloc(1, sizeof(feed_metadata), msu);
    msu->last_mod = "12/13/12";
    msu->sha256 = "123456";

    // open DB
    expect_string(__wrap_sqlite3_open_v2, filename, "queue/vulnerabilities/cve.db");
    expect_value(__wrap_sqlite3_open_v2, flags, 2);
    will_return(__wrap_sqlite3_open_v2, (sqlite3*) 1);
    will_return(__wrap_sqlite3_open_v2, SQLITE_OK);

    // prepare DB
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);

    // Insert values
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, vu_feed_tag[update->dist_tag_ref]);

    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, vu_feed_ext[update->dist_tag_ref]);

    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    expect_string(__wrap_sqlite3_bind_text, buffer, "1");

    expect_value(__wrap_sqlite3_bind_text, pos, 4);
    expect_string(__wrap_sqlite3_bind_text, buffer, "1");

    expect_value(__wrap_sqlite3_bind_text, pos, 5);
    expect_string(__wrap_sqlite3_bind_text, buffer, msu->last_mod);

    expect_value(__wrap_sqlite3_bind_text, pos, 6);
    expect_string(__wrap_sqlite3_bind_text, buffer, msu->sha256);

    expect_value(__wrap_sqlite3_bind_int, index, 7);
    expect_value(__wrap_sqlite3_bind_int, value, 0);

    expect_value(__wrap_sqlite3_bind_int, index, 8);
    expect_value(__wrap_sqlite3_bind_int, value, 0);

    expect_sqlite3_step_call(SQLITE_DONE);

    will_return(__wrap_sqlite3_close_v2, 1);

    int ret = wm_insert_MSU_metadata(msu, update);
    assert_int_equal(ret, 0);

    os_free(msu);
    os_free(update);
}

void test_wm_insert_MSU_metadata_no_row(void **state)
{
    feed_metadata *msu = NULL;
    update_node *update = NULL;

    os_calloc(1, sizeof(update_node), update);
    update->dist_tag_ref = FEED_MSU;

    os_calloc(1, sizeof(feed_metadata), msu);
    msu->last_mod = "12/13/12";
    msu->sha256 = "123456";

    // open DB
    expect_string(__wrap_sqlite3_open_v2, filename, "queue/vulnerabilities/cve.db");
    expect_value(__wrap_sqlite3_open_v2, flags, 2);
    will_return(__wrap_sqlite3_open_v2, (sqlite3*) 1);
    will_return(__wrap_sqlite3_open_v2, SQLITE_OK);

    // prepare DB
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);

    // Insert values
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, vu_feed_tag[update->dist_tag_ref]);

    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, vu_feed_ext[update->dist_tag_ref]);

    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    expect_string(__wrap_sqlite3_bind_text, buffer, "1");

    expect_value(__wrap_sqlite3_bind_text, pos, 4);
    expect_string(__wrap_sqlite3_bind_text, buffer, "1");

    expect_value(__wrap_sqlite3_bind_text, pos, 5);
    expect_string(__wrap_sqlite3_bind_text, buffer, msu->last_mod);

    expect_value(__wrap_sqlite3_bind_text, pos, 6);
    expect_string(__wrap_sqlite3_bind_text, buffer, msu->sha256);

    expect_value(__wrap_sqlite3_bind_int, index, 7);
    expect_value(__wrap_sqlite3_bind_int, value, 0);

    expect_value(__wrap_sqlite3_bind_int, index, 8);
    expect_value(__wrap_sqlite3_bind_int, value, 0);

    expect_sqlite3_step_call(SQLITE_ERROR);

    // ERROR
    will_return(__wrap_sqlite3_errmsg, "error");
    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");
    will_return(__wrap_sqlite3_close_v2, 1);

    int ret = wm_insert_MSU_metadata(msu, update);
    assert_int_equal(ret, OS_INVALID);

    os_free(msu);
    os_free(update);
}

// Tests wm_vuldet_fetch_MSU_metadata

void test_wm_vuldet_fetch_MSU_metadata_max_attempts(void **state)
{
    update_node *update = NULL;
    char *repo = NULL;

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_MSU;
    repo = MSU_REPO_META;
    update->timeout = 300;

    // Function fails attepting to download
    expect_string(__wrap_wurl_request, url, repo);
    expect_string(__wrap_wurl_request, dest, VU_TEMP_FILE);
    expect_value(__wrap_wurl_request, timeout, update->timeout);
    will_return(__wrap_wurl_request, OS_INVALID);

    expect_string(__wrap__mdebug1, formatted_msg, "(5405): The download cannot be completed. Retrying in '0' seconds.");

    expect_value(__wrap_sleep, seconds, 0);

    // Second try
    expect_string(__wrap_wurl_request, url, repo);
    expect_string(__wrap_wurl_request, dest, VU_TEMP_FILE);
    expect_value(__wrap_wurl_request, timeout, update->timeout);
    will_return(__wrap_wurl_request, OS_INVALID);

    expect_string(__wrap__mdebug1, formatted_msg, "(5405): The download cannot be completed. Retrying in '1' seconds.");

    expect_value(__wrap_sleep, seconds, 1);

    // Third try
    expect_string(__wrap_wurl_request, url, repo);
    expect_string(__wrap_wurl_request, dest, VU_TEMP_FILE);
    expect_value(__wrap_wurl_request, timeout, update->timeout);
    will_return(__wrap_wurl_request, OS_INVALID);

    expect_string(__wrap__mdebug1, formatted_msg, "(5405): The download cannot be completed. Retrying in '2' seconds.");

    expect_value(__wrap_sleep, seconds, 2);

    // Fourth try
    expect_string(__wrap_wurl_request, url, repo);
    expect_string(__wrap_wurl_request, dest, VU_TEMP_FILE);
    expect_value(__wrap_wurl_request, timeout, update->timeout);
    will_return(__wrap_wurl_request, OS_INVALID);

    expect_string(__wrap__mdebug1, formatted_msg, "(5405): The download cannot be completed. Retrying in '3' seconds.");

    expect_value(__wrap_sleep, seconds, 3);

    // Fifth try
    expect_string(__wrap_wurl_request, url, repo);
    expect_string(__wrap_wurl_request, dest, VU_TEMP_FILE);
    expect_value(__wrap_wurl_request, timeout, update->timeout);
    will_return(__wrap_wurl_request, OS_INVALID);

    expect_string(__wrap__mdebug1, formatted_msg, "(5405): The download cannot be completed. Retrying in '4' seconds.");

    expect_value(__wrap_sleep, seconds, 4);

    // Last try
    expect_string(__wrap_wurl_request, url, repo);
    expect_string(__wrap_wurl_request, dest, VU_TEMP_FILE);
    expect_value(__wrap_wurl_request, timeout, update->timeout);
    will_return(__wrap_wurl_request, OS_INVALID);

    feed_metadata *ret = wm_vuldet_fetch_MSU_metadata(update);
    assert_null(ret);

    os_free(update);
}

void test_wm_vuldet_fetch_MSU_metadata_valid_attempt(void **state)
{
    update_node *update = NULL;
    char *repo = NULL;

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_MSU;
    repo = MSU_REPO_META;
    update->timeout = 300;

    expect_string(__wrap_wurl_request, url, repo);
    expect_string(__wrap_wurl_request, dest, VU_TEMP_FILE);
    expect_value(__wrap_wurl_request, timeout, update->timeout);
    will_return(__wrap_wurl_request, 0);

    char *path = VU_TEMP_FILE;
    expect_string(__wrap_fopen, path, path);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, NULL);

    feed_metadata *ret = wm_vuldet_fetch_MSU_metadata(update);
    assert_null(ret);

    os_free(update);
}

// wm_vuldet_update_MSU

void test_wm_vuldet_update_MSU_invalid_metadata(void **state)
{

    update_node *update = NULL;
    char *repo = NULL;

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_MSU;
    repo = MSU_REPO_META;
    update->timeout = 300;

    // download metadata
    expect_string(__wrap_wurl_request, url, repo);
    expect_string(__wrap_wurl_request, dest, VU_TEMP_FILE);
    expect_value(__wrap_wurl_request, timeout, update->timeout);
    will_return(__wrap_wurl_request, 0);

    char *path = VU_TEMP_FILE;
    expect_string(__wrap_fopen, path, path);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, NULL);

    bool val = wm_vuldet_update_MSU(update);
    assert_int_equal(val, true);

    os_free(update);
}

void test_wm_vuldet_update_MSU_incomplete_metadata(void **state)
{
    update_node *update = NULL;
    char *repo = NULL;

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_MSU;
    repo = MSU_REPO_META;
    update->timeout = 300;

    // download metadata
    expect_string(__wrap_wurl_request, url, repo);
    expect_string(__wrap_wurl_request, dest, VU_TEMP_FILE);
    expect_value(__wrap_wurl_request, timeout, update->timeout);
    will_return(__wrap_wurl_request, 0);

    expect_string(__wrap_fopen, path, VU_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // parse elements
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "lastModifiedDate:2020-08-16T15:30:50-04:00");

    // end loop
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, NULL);

    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, OS_SUCCESS);

    bool val = wm_vuldet_update_MSU(update);
    assert_int_equal(val, true);

    os_free(update);
}

void test_wm_vuldet_update_MSU_valid_metadata(void **state)
{
    update_node *update = NULL;
    char *repo = NULL;

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_MSU;
    repo = MSU_REPO_META;
    update->timeout = 300;

    // download metadata
    expect_string(__wrap_wurl_request, url, repo);
    expect_string(__wrap_wurl_request, dest, VU_TEMP_FILE);
    expect_value(__wrap_wurl_request, timeout, update->timeout);
    will_return(__wrap_wurl_request, 0);

    expect_string(__wrap_fopen, path, VU_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // parse elements
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "lastModifiedDate:2020-08-16T15:30:50-04:00");

    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "sha256:abcdef");

    // end loop
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, NULL);

    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, OS_SUCCESS);

    // check timestamp
    expect_string(__wrap_sqlite3_open_v2, filename, CVE_DB);
    expect_value(__wrap_sqlite3_open_v2, flags, SQLITE_OPEN_READWRITE);
    will_return(__wrap_sqlite3_open_v2, NULL);
    will_return(__wrap_sqlite3_open_v2, SQLITE_ERROR);

    // Insert
    feed_metadata msu = {0};
    msu.last_mod = "2020-08-16T15:30:50-04:00";
    msu.sha256 = "abcdef";

    // open DB
    expect_string(__wrap_sqlite3_open_v2, filename, CVE_DB);
    expect_value(__wrap_sqlite3_open_v2, flags, SQLITE_OPEN_READWRITE);
    will_return(__wrap_sqlite3_open_v2, (sqlite3*) 1);
    will_return(__wrap_sqlite3_open_v2, SQLITE_OK);

    // prepare DB
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    will_return_always(__wrap_sqlite3_bind_int, 0);

    // Insert values
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_string(__wrap_sqlite3_bind_text, buffer, vu_feed_tag[update->dist_tag_ref]);

    expect_value(__wrap_sqlite3_bind_text, pos, 2);
    expect_string(__wrap_sqlite3_bind_text, buffer, vu_feed_ext[update->dist_tag_ref]);

    expect_value(__wrap_sqlite3_bind_text, pos, 3);
    expect_string(__wrap_sqlite3_bind_text, buffer, "1");

    expect_value(__wrap_sqlite3_bind_text, pos, 4);
    expect_string(__wrap_sqlite3_bind_text, buffer, "1");

    expect_value(__wrap_sqlite3_bind_text, pos, 5);
    expect_string(__wrap_sqlite3_bind_text, buffer, msu.last_mod);

    expect_value(__wrap_sqlite3_bind_text, pos, 6);
    expect_string(__wrap_sqlite3_bind_text, buffer, msu.sha256);

    expect_value(__wrap_sqlite3_bind_int, index, 7);
    expect_value(__wrap_sqlite3_bind_int, value, 0);

    expect_value(__wrap_sqlite3_bind_int, index, 8);
    expect_value(__wrap_sqlite3_bind_int, value, 0);

    expect_sqlite3_step_call(SQLITE_DONE);

    will_return(__wrap_sqlite3_close_v2, 1);

    bool val = wm_vuldet_update_MSU(update);
    assert_int_equal(val, true);

    os_free(update);
}

void test_wm_vuldet_update_MSU_updated(void **state)
{
    update_node *update = NULL;
    char *repo = NULL;

    os_calloc(1, sizeof(update_node), update);
    update->dist_ref = FEED_MSU;
    update->dist_ext = "MSU";
    repo = MSU_REPO_META;
    update->timeout = 300;

    // download metadata
    expect_string(__wrap_wurl_request, url, repo);
    expect_string(__wrap_wurl_request, dest, VU_TEMP_FILE);
    expect_value(__wrap_wurl_request, timeout, update->timeout);
    will_return(__wrap_wurl_request, 0);

    expect_string(__wrap_fopen, path, VU_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // parse elements
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "lastModifiedDate:2020-08-16T15:30:50-04:00");

    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "sha256:abcdef");

    // end loop
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, NULL);

    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, OS_SUCCESS);

    // check timestamp
    expect_string(__wrap_sqlite3_open_v2, filename, CVE_DB);
    expect_value(__wrap_sqlite3_open_v2, flags, SQLITE_OPEN_READWRITE);
    will_return(__wrap_sqlite3_open_v2, (sqlite3 *)1);
    will_return(__wrap_sqlite3_open_v2, SQLITE_OK);
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_value(__wrap_sqlite3_bind_text, buffer, vu_feed_tag[update->dist_tag_ref]);
    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "2020-08-16T15:30:50-04:00");

    will_return(__wrap_sqlite3_close_v2, 1);

    // updated msg
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5406): The feed 'MSU' is in its latest version.");

    bool val = wm_vuldet_update_MSU(update);
    assert_int_equal(val, false);

    os_free(update);
}

// Tests wm_vuldet_fetch_MSU

void test_wm_vuldet_fetch_MSU_updated(void **state)
{
    update_node *update = NULL;
    char repo [OS_MAXSTR] = {0};

    os_calloc(1, sizeof(update_node), update);
    update->dist_tag_ref = FEED_MSU;
    update->dist_ext = "MSU";
    update->timeout = 300;

    // download metadata
    expect_string(__wrap_wurl_request, url, MSU_REPO_META);
    expect_string(__wrap_wurl_request, dest, VU_TEMP_FILE);
    expect_value(__wrap_wurl_request, timeout, update->timeout);
    will_return(__wrap_wurl_request, 0);

    expect_string(__wrap_fopen, path, VU_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, 1);

    // parse elements
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "lastModifiedDate:2020-08-16T15:30:50-04:00");

    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, "sha256:abcdef");

    // end loop
    expect_value(__wrap_fgets, __stream, 1);
    will_return(__wrap_fgets, NULL);

    expect_value(__wrap_fclose, _File, 1);
    will_return(__wrap_fclose, OS_SUCCESS);

    // check timestamp
    expect_string(__wrap_sqlite3_open_v2, filename, CVE_DB);
    expect_value(__wrap_sqlite3_open_v2, flags, SQLITE_OPEN_READWRITE);
    will_return(__wrap_sqlite3_open_v2, (sqlite3 *)1);
    will_return(__wrap_sqlite3_open_v2, SQLITE_OK);
    will_return(__wrap_sqlite3_prepare_v2, SQLITE_OK);

    will_return_always(__wrap_sqlite3_bind_text, 0);
    expect_value(__wrap_sqlite3_bind_text, pos, 1);
    expect_value(__wrap_sqlite3_bind_text, buffer, vu_feed_tag[update->dist_tag_ref]);
    expect_sqlite3_step_call(SQLITE_ROW);

    expect_value(__wrap_sqlite3_column_text, iCol, 0);
    will_return(__wrap_sqlite3_column_text, "2020-08-16T15:30:50-04:00");

    will_return(__wrap_sqlite3_close_v2, 1);

    // updated msg
    expect_string(__wrap__mtdebug1, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mtdebug1, formatted_msg, "(5406): The feed 'MSU' is in its latest version.");

    int val = wm_vuldet_fetch_MSU(update, repo);
    assert_int_equal(val, VU_NOT_NEED_UPDATE);

    os_free(update);
}

void test_wm_vuldet_fetch_MSU_invalid_hash(void **state)
{
    update_node *update = NULL;
    char repo [OS_MAXSTR] = {0};

    os_calloc(1, sizeof(update_node), update);
    update->dist_tag_ref = FEED_MSU;
    update->dist_ext = "MSU";
    update->timeout = 300;

    // download metadata
    expect_string(__wrap_wurl_request, url, MSU_REPO_META);
    expect_string(__wrap_wurl_request, dest, VU_TEMP_FILE);
    expect_value(__wrap_wurl_request, timeout, update->timeout);
    will_return(__wrap_wurl_request, 0);

    // failed to open metadata file
    expect_string(__wrap_fopen, path, VU_TEMP_FILE);
    expect_string(__wrap_fopen, mode, "r");
    will_return(__wrap_fopen, NULL);

    // open db to check hash
    expect_string(__wrap_sqlite3_open_v2, filename, CVE_DB);
    expect_value(__wrap_sqlite3_open_v2, flags, SQLITE_OPEN_READWRITE);
    will_return(__wrap_sqlite3_open_v2, (sqlite3*) 1);
    will_return(__wrap_sqlite3_open_v2, SQLITE_ERROR);

    will_return(__wrap_sqlite3_errmsg, "error");
    expect_string(__wrap__mterror, tag, "wazuh-modulesd:vulnerability-detector");
    expect_string(__wrap__mterror, formatted_msg, "(5503): SQL error: 'error'");
    will_return(__wrap_sqlite3_close_v2, 1);

    expect_string(__wrap__merror, formatted_msg, "Failed to retrieve hash value. File integrity won't be checked.");

    // download msu
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, MSU_REPO);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_FIT_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, update->timeout);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, 0);

    int val = wm_vuldet_fetch_MSU(update, repo);
    assert_int_equal(val, 0);

    os_free(update);
}

void test_wm_vuldet_fetch_MSU_max_attempts(void **state)
{
    update_node *update = NULL;

    os_calloc(1, sizeof(update_node), update);
    update->dist_tag_ref = FEED_MSU;
    update->dist_ext = "MSU";
    update->timeout = 300;
    char *repo = MSU_REPO;

    // Function fails attepting to download
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, repo);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_FIT_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, update->timeout);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, OS_INVALID);

    expect_string(__wrap__mdebug1, formatted_msg, "(5405): The download cannot be completed. Retrying in '0' seconds.");

    expect_value(__wrap_sleep, seconds, 0);

    // Second try
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, repo);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_FIT_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, update->timeout);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, OS_INVALID);

    expect_string(__wrap__mdebug1, formatted_msg, "(5405): The download cannot be completed. Retrying in '1' seconds.");

    expect_value(__wrap_sleep, seconds, 1);

    // Third try
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, repo);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_FIT_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, update->timeout);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, OS_INVALID);

    expect_string(__wrap__mdebug1, formatted_msg, "(5405): The download cannot be completed. Retrying in '2' seconds.");

    expect_value(__wrap_sleep, seconds, 2);

    // Fourth try
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, repo);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_FIT_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, update->timeout);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, OS_INVALID);

    expect_string(__wrap__mdebug1, formatted_msg, "(5405): The download cannot be completed. Retrying in '3' seconds.");

    expect_value(__wrap_sleep, seconds, 3);

    // Fifth try
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, repo);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_FIT_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, update->timeout);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, OS_INVALID);

    expect_string(__wrap__mdebug1, formatted_msg, "(5405): The download cannot be completed. Retrying in '4' seconds.");

    expect_value(__wrap_sleep, seconds, 4);

    // Last try
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, url, repo);
    expect_string(__wrap_wurl_request_uncompress_bz2_gz, dest, VU_FIT_TEMP_FILE);
    expect_value(__wrap_wurl_request_uncompress_bz2_gz, timeout, update->timeout);
    will_return(__wrap_wurl_request_uncompress_bz2_gz, OS_INVALID);

    int val = wm_vuldet_fetch_MSU(update, repo);
    assert_int_equal(val, VU_INV_FEED);

    os_free(update);

}

int main(void)
{
    const struct CMUnitTest tests[] = {
        // Tests wm_vuldet_get_os_unix_info
        cmocka_unit_test_setup_teardown(test_wm_vuldet_get_os_unix_info, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_get_os_unix_info_only_major, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_get_os_unix_info_only_release, setup_agent_software, teardown_agent_software),
        cmocka_unit_test(test_wm_vuldet_get_os_unix_info_null_agent),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_get_os_unix_info_request_invalid, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_get_os_unix_info_request_error, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_get_os_unix_info_request_empty, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_get_os_unix_info_request_parse_error, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_get_os_unix_info_mac, setup_agent_software, teardown_agent_software),
        // Tests wm_vuldet_discard_kernel_package
        cmocka_unit_test_setup_teardown(test_wm_vuldet_discard_kernel_package_null_kernel, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_discard_kernel_package_redhat_no_kernel, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_discard_kernel_package_redhat_kernel, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_discard_kernel_package_debian_family_no_linux_image, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_discard_kernel_package_debian_family_linux_image, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_discard_kernel_package_discard_kernel, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_discard_kernel_package_OK, setup_agent_software, teardown_agent_software),
        // Tests wm_vuldet_linux_rm_nvd_not_affected_packages
        cmocka_unit_test(test_wm_vuldet_linux_rm_nvd_not_affected_packages_oval),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_rm_nvd_not_affected_packages_vendor_Ubuntu, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_rm_nvd_not_affected_packages_vendor_Debian, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_rm_nvd_not_affected_packages_vendor_RedHat, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_rm_nvd_not_affected_packages_vuln_count_failed_prepare, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_rm_nvd_not_affected_packages_nvd_debian_discard, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_rm_nvd_not_affected_packages_nvd_ubuntu_discard, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_rm_nvd_not_affected_packages_nvd_ubuntu_feeds, setup_agent_software, teardown_agent_software),
        // Tests wm_vuldet_linux_rm_nvd_not_dependencies_met_packages
        cmocka_unit_test(test_wm_vuldet_linux_rm_nvd_not_dependencies_met_packages_OVAL),
        cmocka_unit_test(test_wm_vuldet_linux_rm_nvd_not_dependencies_met_packages_children_not_found),
        cmocka_unit_test(test_wm_vuldet_linux_rm_nvd_not_dependencies_met_packages_children_found),
        cmocka_unit_test(test_wm_vuldet_linux_rm_nvd_not_dependencies_met_packages_siblings_not_found),
        cmocka_unit_test(test_wm_vuldet_linux_rm_nvd_not_dependencies_met_packages_siblings_found),
        // Tests wm_vuldet_linux_rm_nvd_not_vulnerable_packages
        cmocka_unit_test(test_wm_vuldet_linux_rm_nvd_not_vulnerable_packages_oval),
        cmocka_unit_test(test_wm_vuldet_linux_rm_nvd_not_vulnerable_packages_discarded),
        // Tests wm_vuldet_linux_rm_oval_not_affected_packages
        cmocka_unit_test(test_wm_vuldet_linux_rm_oval_not_affected_packages_source_failed_prepare_nvd_count),
        cmocka_unit_test(test_wm_vuldet_linux_rm_oval_not_affected_packages_source_no_nvd_cve),
        cmocka_unit_test(test_wm_vuldet_linux_rm_oval_not_affected_packages_source_failed_prepare_matches_count),
        cmocka_unit_test(test_wm_vuldet_linux_rm_oval_not_affected_packages_same_source),
        cmocka_unit_test(test_wm_vuldet_linux_rm_oval_not_affected_packages_same_source_and_bin),
        cmocka_unit_test(test_wm_vuldet_linux_rm_oval_not_affected_packages_same_bin_and_source),
        cmocka_unit_test(test_wm_vuldet_linux_rm_oval_not_affected_packages_no_source),
        // Tests wm_vuldet_linux_rm_false_positivies
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_rm_false_positivies_without_nodes, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_rm_false_positivies_error_removing_nvd_not_affected, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_rm_false_positivies_error_removing_oval_not_affected, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_rm_false_positivies_ok, setup_agent_software, teardown_agent_software),
        // Tests vuldet_generate_os_and_kernel_package
        cmocka_unit_test_setup_teardown(test_wm_vuldet_generate_os_and_kernel_package_ubuntu, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_generate_os_and_kernel_package_debian, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_generate_os_and_kernel_package_redhat, setup_agent_software, teardown_agent_software),
        cmocka_unit_test(test_wm_vuldet_generate_os_and_kernel_package_null_db),
        cmocka_unit_test(test_wm_vuldet_generate_os_and_kernel_package_null_agent),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_generate_os_and_kernel_package_invalid_agent, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_generate_os_and_kernel_package_os_package_error, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_generate_os_and_kernel_package_kernel_package_error, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_generate_os_and_kernel_package_release_end, setup_agent_software, teardown_agent_software),
        // Tests wm_vuldet_compare_vendors
        cmocka_unit_test(test_wm_vuldet_compare_vendors_external_vendor),
        cmocka_unit_test(test_wm_vuldet_compare_vendors_official_vendor),
        // Tests wm_checks_package_vulnerability
        cmocka_unit_test(test_wm_checks_package_vulnerability_no_version_b),
        cmocka_unit_test(test_wm_checks_package_vulnerability_big_version_a),
        cmocka_unit_test(test_wm_checks_package_vulnerability_big_version_b),
        cmocka_unit_test(test_wm_checks_package_vulnerability_lt_with_epoch),
        cmocka_unit_test(test_wm_checks_package_vulnerability_lt_no_epoch),
        cmocka_unit_test(test_wm_checks_package_vulnerability_lt_no_revision),
        cmocka_unit_test(test_wm_checks_package_vulnerability_lt_no_revision_and_score),
        cmocka_unit_test(test_wm_checks_package_vulnerability_le),
        cmocka_unit_test(test_wm_checks_package_vulnerability_eq),
        cmocka_unit_test(test_wm_checks_package_vulnerability_ge),
        cmocka_unit_test(test_wm_checks_package_vulnerability_gt),
        cmocka_unit_test(test_wm_checks_package_vulnerability_ne),
        cmocka_unit_test(test_wm_checks_package_vulnerability_centos_gt),
        // Tests wm_vuldet_truncate_revision
        cmocka_unit_test(test_wm_vuldel_truncate_revision_null),
        cmocka_unit_test(test_wm_vuldel_truncate_revision),
        // Tests wm_vuldet_linux_oval_vulnerabilities
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_oval_vulnerabilities_error_prepare_nvd_configured_year, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_oval_vulnerabilities_error_no_nvd_year, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_oval_vulnerabilities_error_prepare, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_oval_vulnerabilities_error_prepare_rh, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_oval_vulnerabilities_error_prepare_deb, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_oval_vulnerabilities_error_step, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_oval_vulnerabilities_step_done, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_oval_vulnerabilities_one_row_no_data, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_oval_vulnerabilities_one_row_bad_version, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_oval_vulnerabilities_one_row_not_fixed, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_oval_vulnerabilities_one_row_error_comparing, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_oval_vulnerabilities_one_row_not_vulnerable, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_oval_vulnerabilities_one_row_centos_not_vulnerable, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_oval_vulnerabilities_vulnerable, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_oval_vulnerabilities_insert_package_error, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_oval_vulnerabilities_duplicated_package, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_linux_oval_vulnerabilities_external_vendor, setup_agent_software, teardown_agent_software),
        // Tests wm_vuldet_build_nvd_report
        cmocka_unit_test(test_wm_vuldet_build_nvd_report_condition_both_including),
        cmocka_unit_test(test_wm_vuldet_build_nvd_report_condition_both_excluding),
        cmocka_unit_test(test_wm_vuldet_build_nvd_report_condition_start_including),
        cmocka_unit_test(test_wm_vuldet_build_nvd_report_condition_start_excluding),
        cmocka_unit_test(test_wm_vuldet_build_nvd_report_condition_end_including),
        cmocka_unit_test(test_wm_vuldet_build_nvd_report_condition_end_excluding),
        // Tests wm_vuldet_fill_report_nvd
        cmocka_unit_test(test_wm_vuldet_fill_report_nvd_cve_info_error_prepare),
        cmocka_unit_test(test_wm_vuldet_fill_report_nvd_cve_info_error_step),
        cmocka_unit_test(test_wm_vuldet_fill_report_nvd_cve_info_ok),
        cmocka_unit_test(test_wm_vuldet_fill_report_nvd_references_error_prepare),
        cmocka_unit_test(test_wm_vuldet_fill_report_nvd_references_error_step),
        cmocka_unit_test(test_wm_vuldet_fill_report_nvd_references_ok),
        cmocka_unit_test(test_wm_vuldet_fill_report_nvd_scoring_error_prepare),
        cmocka_unit_test(test_wm_vuldet_fill_report_nvd_scoring_error_step),
        cmocka_unit_test(test_wm_vuldet_fill_report_nvd_scoring_cvss3_sev_crucial),
        cmocka_unit_test(test_wm_vuldet_fill_report_nvd_scoring_cvss3_sev_high),
        cmocka_unit_test(test_wm_vuldet_fill_report_nvd_scoring_cvss3_sev_medium),
        cmocka_unit_test(test_wm_vuldet_fill_report_nvd_scoring_cvss3_sev_low),
        cmocka_unit_test(test_wm_vuldet_fill_report_nvd_scoring_cvss3_sev_none),
        cmocka_unit_test(test_wm_vuldet_fill_report_nvd_scoring_cvss2_sev_high),
        cmocka_unit_test(test_wm_vuldet_fill_report_nvd_scoring_cvss2_sev_medium),
        cmocka_unit_test(test_wm_vuldet_fill_report_nvd_scoring_cvss2_sev_low),
        cmocka_unit_test(test_wm_vuldet_fill_report_nvd_scoring_sev_unknown),
        cmocka_unit_test(test_wm_vuldet_fill_report_nvd_scoring_with_cvss),
        // Tests wm_vuldet_fill_report_oval_data
        cmocka_unit_test_setup_teardown(test_wm_vuldet_fill_report_oval_data_prepare_error, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_fill_report_oval_data_references_error, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_fill_report_oval_data_bugzilla_references_error, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_fill_report_oval_data_advisories_error, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_fill_report_oval_data, setup_agent_software, teardown_agent_software),
        // Tests wm_vuldet_send_agent_report
        cmocka_unit_test_setup_teardown(test_wm_vuldet_send_agent_report_no_hash_node_rh, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_send_agent_report_no_hash_node_ubuntu, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_send_agent_report_fill_report_nvd_cve_info_error, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_send_agent_report_fill_report_nvd_references_error, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_send_agent_report_fill_report_nvd_scoring_error, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_send_agent_report_fill_report_oval_error, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_send_agent_report_send_cve_report_error, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_send_agent_report_send_cve_report_negative_version, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_send_agent_report_send_cve_report_adding_data_from_OVAL_error, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_send_agent_report_send_cve_report_without_errors_OVAL, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_send_agent_report_send_cve_report_without_errors_NVD, setup_agent_software, teardown_agent_software),
        // Tests test_wm_vuldet_get_cvss
        cmocka_unit_test(test_wm_vuldet_get_cvss_null),
        cmocka_unit_test(test_wm_vuldet_get_cvss_error_cvss_json),
        cmocka_unit_test(test_wm_vuldet_get_cvss_attack_vector_local),
        cmocka_unit_test(test_wm_vuldet_get_cvss_attack_vector_adjacent_network),
        cmocka_unit_test(test_wm_vuldet_get_cvss_attack_vector_network),
        cmocka_unit_test(test_wm_vuldet_get_cvss_attack_vector_physiscal),
        cmocka_unit_test(test_wm_vuldet_get_cvss_access_complexity_low),
        cmocka_unit_test(test_wm_vuldet_get_cvss_access_complexity_medium),
        cmocka_unit_test(test_wm_vuldet_get_cvss_access_complexity_high),
        cmocka_unit_test(test_wm_vuldet_get_cvss_authentication_multiple),
        cmocka_unit_test(test_wm_vuldet_get_cvss_authentication_single),
        cmocka_unit_test(test_wm_vuldet_get_cvss_authentication_none),
        cmocka_unit_test(test_wm_vuldet_get_cvss_confidentiality_impact_none),
        cmocka_unit_test(test_wm_vuldet_get_cvss_confidentiality_impact_partial),
        cmocka_unit_test(test_wm_vuldet_get_cvss_confidentiality_impact_complete),
        cmocka_unit_test(test_wm_vuldet_get_cvss_confidentiality_impact_low),
        cmocka_unit_test(test_wm_vuldet_get_cvss_confidentiality_impact_high),
        cmocka_unit_test(test_wm_vuldet_get_cvss_user_interaction_none),
        cmocka_unit_test(test_wm_vuldet_get_cvss_user_interaction_required),
        cmocka_unit_test(test_wm_vuldet_get_cvss_integrity_impact_none),
        cmocka_unit_test(test_wm_vuldet_get_cvss_integrity_impact_partial),
        cmocka_unit_test(test_wm_vuldet_get_cvss_integrity_impact_complete),
        cmocka_unit_test(test_wm_vuldet_get_cvss_integrity_impact_low),
        cmocka_unit_test(test_wm_vuldet_get_cvss_integrity_impact_high),
        cmocka_unit_test(test_wm_vuldet_get_cvss_availability_none),
        cmocka_unit_test(test_wm_vuldet_get_cvss_availability_partial),
        cmocka_unit_test(test_wm_vuldet_get_cvss_availability_complete),
        cmocka_unit_test(test_wm_vuldet_get_cvss_availability_low),
        cmocka_unit_test(test_wm_vuldet_get_cvss_availability_high),
        cmocka_unit_test(test_wm_vuldet_get_cvss_privileges_required_none),
        cmocka_unit_test(test_wm_vuldet_get_cvss_privileges_required_partial),
        cmocka_unit_test(test_wm_vuldet_get_cvss_privileges_required_complete),
        cmocka_unit_test(test_wm_vuldet_get_cvss_privileges_required_low),
        cmocka_unit_test(test_wm_vuldet_get_cvss_privileges_required_high),
        cmocka_unit_test(test_wm_vuldet_get_cvss_scope_unchanged),
        cmocka_unit_test(test_wm_vuldet_get_cvss_scope_changed),
        cmocka_unit_test(test_wm_vuldet_get_cvss_v2),
        cmocka_unit_test(test_wm_vuldet_get_cvss_v3),
        // Tests wm_vuldet_send_cve_report
        cmocka_unit_test_setup_teardown(test_wm_vuldet_send_cve_report_error_alert_create, setup_cve_report, teardown_cve_report),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_send_cve_report_error_alert_cve_create, setup_cve_report, teardown_cve_report),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_send_cve_report_error_j_package_create, setup_cve_report, teardown_cve_report),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_send_cve_report_error_j_cvss_create, setup_cve_report, teardown_cve_report),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_send_cve_report_error_j_cvss_node_create, setup_cve_report, teardown_cve_report),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_send_cve_report_error_j_advisories_create, setup_cve_report, teardown_cve_report),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_send_cve_report_error_j_bug_references_create, setup_cve_report, teardown_cve_report),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_send_cve_report_error_j_references_create, setup_cve_report, teardown_cve_report),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_send_cve_report_without_title, setup_cve_report, teardown_cve_report),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_send_cve_report_without_condition, setup_cve_report, teardown_cve_report),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_send_cve_report_without_ip, setup_cve_report, teardown_cve_report),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_send_cve_report_without_hotfix, setup_cve_report, teardown_cve_report),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_send_cve_report_sendmsg_error, setup_cve_report, teardown_cve_report),
        // Tests wm_vuldet_extract_advisories
        cmocka_unit_test(test_wm_vuldet_extract_advisories_no_advisories),
        cmocka_unit_test(test_wm_vuldet_extract_advisories),
        // Tests wm_vuldet_build_url
        cmocka_unit_test(test_wm_vuldet_build_url),
        // Tests wm_vuldet_compare_pkg
        cmocka_unit_test_setup_teardown(test_wm_vuldet_compare_pkg_equal_id, setup_package_comparison, teardown_package_comparison),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_compare_pkg_different_id, setup_package_comparison, teardown_package_comparison),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_compare_pkg_equal_arch, setup_package_comparison, teardown_package_comparison),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_compare_pkg_different_arch, setup_package_comparison, teardown_package_comparison),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_compare_pkg_equal_version, setup_package_comparison, teardown_package_comparison),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_compare_pkg_different_version, setup_package_comparison, teardown_package_comparison),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_compare_pkg_equal_bin_name, setup_package_comparison, teardown_package_comparison),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_compare_pkg_different_bin_name, setup_package_comparison, teardown_package_comparison),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_compare_pkg_equal_src_name, setup_package_comparison, teardown_package_comparison),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_compare_pkg_different_src_name, setup_package_comparison, teardown_package_comparison),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_compare_pkg_equal_vendor, setup_package_comparison, teardown_package_comparison),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_compare_pkg_different_vendor, setup_package_comparison, teardown_package_comparison),
        // Tests wm_vuldet_add_cve_node
        cmocka_unit_test_setup_teardown(test_wm_vuldet_add_cve_node_add_error, setup_package_comparison, teardown_package_comparison),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_add_cve_node_get_error, setup_package_comparison, teardown_package_comparison),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_add_cve_node, setup_package_comparison, teardown_package_comparison),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_add_cve_node_not_found, setup_package_comparison, teardown_package_comparison),
        // Tests wm_vuldet_free_cve_node
        cmocka_unit_test(test_wm_vuldet_free_cve_node),
        // Tests wm_vuldet_report_agent_vulnerabilities
        cmocka_unit_test_setup_teardown(test_wm_vuldet_report_agent_vulnerabilities_agent_info_NULL, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_report_agent_vulnerabilities_agent_windows_error, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_report_agent_vulnerabilities_agent_windows_OK, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_report_agent_vulnerabilities_agent_linux_create_hash_error, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_report_agent_vulnerabilities_agent_linux_setSize_hash_error, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_report_agent_vulnerabilities_agent_linux_oval_vulnerabilities_error, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_report_agent_vulnerabilities_agent_linux_nvd_vulnerabilities_error, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_report_agent_vulnerabilities_agent_linux_rm_false_positivies_error, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_report_agent_vulnerabilities_agent_linux_send_agent_report_error, setup_agent_software, teardown_agent_software),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_report_agent_vulnerabilities_agent_linux_OK, setup_agent_software, teardown_agent_software),
        // Tests wm_vuldet_fetch_redhat
        cmocka_unit_test(test_wm_vuldet_fetch_redhat_multi_url_no_valid_response),
        cmocka_unit_test(test_wm_vuldet_fetch_redhat_single_url_no_valid_response),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_fetch_redhat_single_url_file_open_error, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_fetch_redhat_single_url_file_read_remove_error, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_fetch_redhat_single_url_file_read_ok, setup_group, teardown_group),
        // Tests wm_vuldet_check_timestamp
        cmocka_unit_test(test_wm_vuldet_check_timestamp_open_error),
        cmocka_unit_test(test_wm_vuldet_check_timestamp_prepare_error),
        cmocka_unit_test(test_wm_vuldet_check_timestamp_outdated),
        cmocka_unit_test(test_wm_vuldet_check_timestamp_updated),
        // wm_vuldet_fetch_oval
        cmocka_unit_test_setup_teardown(test_wm_vuldet_fetch_oval_debian, setup_group, teardown_group),
        cmocka_unit_test(test_wm_vuldet_fetch_oval_ubuntu_max_attempts),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_fetch_oval_ubuntu_failed_open, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_fetch_oval_ubuntu_updated, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_fetch_oval_ubuntu_outdated, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_fetch_oval_ubuntu_failed, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_fetch_oval_ubuntu_no_close_tag, setup_group, teardown_group),
        // Tests wm_vuldet_get_debian_status_feed
        cmocka_unit_test_setup_teardown(test_wm_vuldet_get_debian_status_feed_download_fail, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_get_debian_status_feed_download_ok, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_get_debian_status_feed_fopen_ok, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_get_debian_status_feed_custom_path_fail, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_get_debian_status_feed_custom_path_ok, setup_group, teardown_group),
        // Tests wm_vuldet_json_fread
        cmocka_unit_test(test_wm_vuldet_json_fread_uncompress_fail),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_json_fread_compressed_removing_error, setup_group, teardown_group),
        cmocka_unit_test(test_wm_vuldet_json_fread_not_compressed_ok),
        // Tests wm_vuldet_oval_xml_preparser
        cmocka_unit_test_setup_teardown(test_wm_vuldet_oval_xml_preparser_invalid_open, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_oval_xml_preparser_invalid_tmp_open, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_oval_xml_preparser_ubuntu, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_oval_xml_preparser_debian, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_oval_xml_preparser_redhat, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_oval_xml_preparser_invalid_feed, setup_group, teardown_group),
        // Tests wm_vuldet_json_rh_parser
        cmocka_unit_test_setup_teardown(test_wm_vuldet_json_rh_parser_no_bugzilla, setup_json_rh_parser_decode, teardown_json_rh_parser_decode),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_json_rh_parser_str_score, setup_json_rh_parser_decode, teardown_json_rh_parser_decode),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_json_rh_parser_num_score, setup_json_rh_parser_decode, teardown_json_rh_parser_decode),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_json_rh_parser_decode_pkg_version_error, setup_json_rh_parser_decode_test_mode, teardown_json_rh_parser_decode),
        // Test wm_vuldet_oval_process
        cmocka_unit_test_setup_teardown(test_wm_vuldet_oval_process_xml_preparser_Ubuntu_fail, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_oval_process_xml_preparser_Debian_fail, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_oval_process_xml_preparser_ReadXML_fail_Ubuntu, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_oval_process_xml_preparser_ReadXML_fail_Debian, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_oval_process_xml_preparser_node_NULL_Ubuntu, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_oval_process_xml_preparser_node_NULL_Debian, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_oval_process_xml_preparser_child_node_NULL_Ubuntu, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_oval_process_xml_preparser_child_node_NULL_Debian, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_oval_process_oval_xml_parser_invalid_Ubuntu, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_oval_process_oval_xml_parser_invalid_Debian, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_oval_process_OK_Ubuntu, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_oval_process_OK_Debian, setup_group, teardown_group),
        // wm_vuldet_oval_xml_parser
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_null_element),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_invalid_element),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_constant_invalid_element),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_test_invalid_element),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_invalid_element),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_definition_invalid_element),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_criteria_invalid_element),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_other_invalid_element),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_read_attribute),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_constant_read_attribute),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_test_read_attribute),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_read_attribute),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_no_attribute),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_no_vars),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_valid_content),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_empty),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_valid_vars),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_invalid_vars),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_xml_operation),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_xml_datatype),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_state),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_ref),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_valid_definition),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_reference_url),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_reference_id),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_reference_id_cve_exists),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_title),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_invalid_criteria),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_invalid_operator_OR),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_invalid_child_operator_OR),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_invalid_operator_AND),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_invalid_child_operator_AND),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_invalid_operator),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_valid_operator_OR),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_criteria_comment_invalid),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_criteria_comment_invalid_child),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_criterion_test_ref),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_criterion_comment1),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_object_criterion_comment0),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_description),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_product_version),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_product_name),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_product_timestamp),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_product_schemav),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_product_date),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_product_public_date),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_product_bug),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_product_ref),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_updated),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_severity),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_null_severity),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_ubuntu_dpkg_other_invalid),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_redhat_state),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_redhat_test),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_redhat_object),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_redhat_object_valid_content),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_redhat_rhel5_invalid_target),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_rhel_architecture_equals),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_rhel_architecture_pattern),
        cmocka_unit_test(test_wm_vuldet_oval_xml_parser_rhel_architecture_noarch),
        // Tests wm_vuldet_json_parser
        cmocka_unit_test(test_wm_vuldet_json_parser_file_content_NULL),
        cmocka_unit_test(test_wm_vuldet_json_parser_json_nvd_parser_NULL),
        cmocka_unit_test(test_wm_vuldet_json_parser_json_fread_NULL),
        cmocka_unit_test(test_wm_vuldet_json_parser_feed_redhat),
        cmocka_unit_test(test_wm_vuldet_json_parser_json_wcpe_parser),
        cmocka_unit_test(test_wm_vuldet_json_parser_json_msu_parser),
        cmocka_unit_test(test_wm_vuldet_json_parser_json_unknown),
        // Tests wm_vuldet_index_debian
        cmocka_unit_test_setup_teardown(test_wm_vuldet_index_debian_fail_debian_feed, setup_debian_json, teardown_debian_json),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_index_debian_package_json_NULL, setup_debian_json, teardown_debian_json),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_index_debian_cve_json_NULL, setup_debian_json, teardown_debian_json),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_index_debian_cve_json_temp, setup_debian_json, teardown_debian_json),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_index_debian_releases_json_NULL, setup_debian_json, teardown_debian_json),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_index_debian_target_json_NULL, setup_debian_json, teardown_debian_json),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_index_debian_prepare_error, setup_debian_json, teardown_debian_json),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_index_debian_step_error, setup_debian_json, teardown_debian_json),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_index_debian_unfixed, setup_debian_json, teardown_debian_json),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_index_debian_fixed, setup_debian_json, teardown_debian_json),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_index_debian_not_affected, setup_debian_json, teardown_debian_json),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_index_debian_urgency_end_of_life, setup_debian_json, teardown_debian_json),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_index_debian_reason_ignored, setup_debian_json, teardown_debian_json),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_index_debian_multiple_cves, setup_debian_json, teardown_debian_json),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_index_debian_multiple_packages, setup_debian_json, teardown_debian_json),
        // Tests wm_vuldet_index_json
        cmocka_unit_test(test_wm_vuldet_index_json_no_multipath_parser_invalid),
        cmocka_unit_test(test_wm_vuldet_index_json_no_multipath_vu_not_need_update),
        cmocka_unit_test(test_wm_vuldet_index_json_multipath_error),
        cmocka_unit_test(test_wm_vuldet_index_json_multipath_opendir_fail),
        cmocka_unit_test(test_wm_vuldet_index_json_multipath_regcomp_fail),
        cmocka_unit_test(test_wm_vuldet_index_json_multipath_readdir_NULL),
        cmocka_unit_test(test_wm_vuldet_index_json_multipath_path_not_file),
        cmocka_unit_test(test_wm_vuldet_index_json_multipath_no_regexec),
        cmocka_unit_test(test_wm_vuldet_index_json_multipath_update_json_feed),
        cmocka_unit_test(test_wm_vuldet_index_json_multipath_OK),
        cmocka_unit_test(test_wm_vuldet_index_json_multipath_path_with_dots),
        // Tests wm_vuldet_get_cve_year
        cmocka_unit_test(test_wm_vuldet_get_cve_year),
        // Tests wm_vuldet_set_feed_update_url
        cmocka_unit_test(test_wm_vuldet_set_feed_update_url_discard_non_harcoded),
        cmocka_unit_test(test_wm_vuldet_set_feed_update_url_ubuntu),
        cmocka_unit_test(test_wm_vuldet_set_feed_update_url_debian),
        cmocka_unit_test(test_wm_vuldet_set_feed_update_url_redhat_5),
        cmocka_unit_test(test_wm_vuldet_set_feed_update_url_redhat_greater_5),
        cmocka_unit_test(test_wm_vuldet_set_feed_update_url_invalid),
        // Tests wm_vuldet_oval_append_rhsa
        cmocka_unit_test(test_wm_vuldet_oval_append_rhsa_empty),
        cmocka_unit_test(test_wm_vuldet_oval_append_rhsa_realloc),
        // Tests wm_vuldet_oval_copy_rhsa
        cmocka_unit_test(test_wm_vuldet_oval_copy_rhsa),
        // Tests wm_vuldet_oval_traverse_rhsa
        cmocka_unit_test(test_wm_vuldet_oval_traverse_rhsa_one),
        cmocka_unit_test(test_wm_vuldet_oval_traverse_rhsa_two),
        // Tests wm_vuldet_add_oval_vulnerability
        cmocka_unit_test(test_wm_vuldet_add_oval_vulnerability_no_vulnerability),
        cmocka_unit_test(test_wm_vuldet_add_oval_vulnerability_with_vulnerability),
        // Tests wm_vuldet_clean_vulnerability_info
        cmocka_unit_test(test_wm_vuldet_clean_vulnerability_info_no_info_cves),
        cmocka_unit_test_setup(test_wm_vuldet_clean_vulnerability_info_one_info_cves, setup_info_cves),
        // Tests wm_vuldet_insert_cve_info
        cmocka_unit_test_setup_teardown(test_wm_vuldet_insert_cve_info, setup_info_cves, teardown_info_cves),
        // Tests wm_vuldet_set_subversion
        cmocka_unit_test(test_wm_vuldet_set_subversion),
        cmocka_unit_test(test_wm_vuldet_set_subversion_corrupted_version),
        cmocka_unit_test(test_wm_vuldet_set_subversion_no_minor),
        // Tests wm_vuldet_get_package_os
        cmocka_unit_test(test_wm_vuldet_get_package_os_rhel5),
        cmocka_unit_test(test_wm_vuldet_get_package_os_rhel6),
        cmocka_unit_test(test_wm_vuldet_get_package_os_rhel7),
        cmocka_unit_test(test_wm_vuldet_get_package_os_rhel8),
        // Tests wm_vuldet_get_hash
        cmocka_unit_test(test_wm_vuldet_get_hash_open_fail),
        cmocka_unit_test(test_wm_vuldet_get_hash_prepare_fail),
        cmocka_unit_test(test_wm_vuldet_get_hash_one_row),
        cmocka_unit_test(test_wm_vuldet_get_hash_no_row),
        // Tests wm_vuldet_parse_MSU_metadata
        cmocka_unit_test_setup_teardown(test_wm_vuldet_parse_MSU_metadata_open_fail, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_parse_MSU_metadata_full, setup_group, teardown_group),
        // Tests wm_vuldet_check_enabled_msu
        cmocka_unit_test(test_wm_vuldet_check_enabled_msu_prepare_fail),
        cmocka_unit_test(test_wm_vuldet_check_enabled_msu_no_rows),
        cmocka_unit_test(test_wm_vuldet_check_enabled_msu_one_row),
        // Tests wm_insert_MSU_metadata
        cmocka_unit_test(test_wm_insert_MSU_metadata_open_fail),
        cmocka_unit_test(test_wm_insert_MSU_metadata_prepare_fail),
        cmocka_unit_test(test_wm_insert_MSU_metadata_one_row),
        cmocka_unit_test(test_wm_insert_MSU_metadata_no_row),
        // Tests wm_vuldet_fetch_MSU_metadata
        cmocka_unit_test(test_wm_vuldet_fetch_MSU_metadata_max_attempts),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_fetch_MSU_metadata_valid_attempt, setup_group, teardown_group),
        // Tests wm_vuldet_update_MSU
        cmocka_unit_test_setup_teardown(test_wm_vuldet_update_MSU_invalid_metadata, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_update_MSU_incomplete_metadata, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_update_MSU_valid_metadata, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_update_MSU_updated, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_fetch_MSU_updated, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_fetch_MSU_invalid_hash, setup_group, teardown_group),
        cmocka_unit_test_setup_teardown(test_wm_vuldet_fetch_MSU_max_attempts, setup_group, teardown_group),
        };
    return cmocka_run_group_tests(tests, NULL, NULL);
}
